key不匹配是怎么回事？

xdtianyu / scripts

scripts for work

https://www.xdty.org

1.03k stars 245 forks source link

key不匹配是怎么回事？ #20

Closed jjsty1e closed 8 years ago

jjsty1e commented 8 years ago

failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

xdtianyu commented 8 years ago

请贴一下配置文件，注意掩盖敏感信息

jjsty1e commented 8 years ago

配置文件如下：

ACCOUNT_KEY="account.key" DOMAIN_KEY="ch.yeskn.com.key" DOMAIN_DIR="我的blog根目录" DOMAINS="DNS:ch.yeskn.com"

生成的文件如下： account.key ch.chained.crt ch.crt ch.csr ch.yeskn.com.key lets-encrypt-x3-cross-signed.pem

xdtianyu commented 8 years ago

这个错误是哪里报出来的？是运行的脚本还是 web 服务器？如果是脚本请将上下文的日志也贴上来，如果是 web 服务器请将你的 web 服务器配置文件贴出来

jjsty1e commented 8 years ago

是我修改ssl_certificate和ssl_certificate_key后重启nginx后出来的：

sudo /usr/local/nginx/sbin/nginx -s reload nginx: [emerg] SSL_CTX_use_PrivateKey_file("/root/proj/xdtianyu/account.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)

xdtianyu commented 8 years ago

证书对配错了，请仔细阅读 README 最后生成的 example.chained.crt 是证书文件， example.com.key 是私钥。

一个参考配置

server_name  lets-encrypt.xdty.org;
ssl_certificate certs/letsencrypt.chained.crt;
ssl_certificate_key certs/letsencrypt.key;