ssl 서버를 구축할 때, 다음의 문제가 생겼다.
[Mon Dec 15 11:34:07 2008] [warn] RSA server certificate CommonName (CN) `VeriSign Trial Secure Server Test Root CA' does NOT match server name!?
[Mon Dec 15 11:34:07 2008] [error] Unable to configure RSA server private key
[Mon Dec 15 11:34:07 2008] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
해결은
openssl x509 -noout -text -in ssl_2008_customer.crtopenssl rsa -noout -text -in ssl_2008_customer.nodes.key
이 두개의 modulus가 동일을 한지 확인하면 된다. 서로 같지 않으므로, 이 것은 제대로 ssl을 전달해주지 못한 것으로 판단
출처
http://www.enterprisessl.com/ssl-certificate-support/server_faq/ssl-server-certificate-apache.html
Error: "OpenSSL:error:0B080074:x509 certificate outines:x509_check_private_key:key values mismatch"
This error message occurs if you are using the incorrect certificate or private key during installation. So you need to use the matching key and certificate files.
To check that the public key in your cert matches the public portion of your private key, view both files, and compare the modulus values with the following instructions:
To view the certificate:
openssl x509 -noout -text -in certfile
To view the key:
openssl rsa -noout -text -in keyfile
The "modulus" and "public exponent" portions in the key and the certificate must match exactly. If the "modulus" do not match exactly then you are using either the incorrect private key or certificate.
'web' 카테고리의 다른 글
rewrite에서 exclude 사용하기 (0) | 2009.01.30 |
---|---|
자바스크립트 - Dom 생성하기 (0) | 2009.01.06 |
Apache SSL 서버 만들기 (0) | 2008.11.25 |
SQL Injection 공격에 따른 웹 어플 대응 (java) (0) | 2008.11.07 |
아파치에서 MaxClients 수정 (0) | 2008.09.02 |