Troubleshoot SSL certificates and keys

Before running the commands shown on this page, you should load the Bitnami stack environment by executing the installdir/use_APPNAME script (Linux and MacOS) or by clicking the shortcut in the Start Menu under “Start -> Bitnami APPNAME Stack -> Application console” (Windows). On OS X VMs, the installation directory is /opt/bitnami and OS X VM users can click the “Open Terminal” button to run commands. Learn more about the Bitnami stack environment and about OS X VMs.

TIP: To quickly get started with HTTPS and SSL using a Linux native installer, follow these instructions to auto-configure a Let’s Encrypt SSL certificate.

If you get an error like this in the Apache error log file, it is because an incorrect certificate or key is in use.

[Mon May 12 15:37:46.891294 201X] [ssl:emerg] [pid 15450] AH02565: Certificate and private key example.com:443:0 from installdir/apache2/conf/bitnami/server.crt and installdir/apache2/conf/bitnami/server.key do not match

Verify that the current key matches the certificate file with the following commands. Note that the SHA checksum of the key and certificate must match.
- Check your certificate:
```
$ openssl x509 -in server.crt -pubkey -noout -outform pem | sha256sum
```
- Check your key:
```
$ openssl pkey -in server.key -pubout -outform pem | sha256sum
```

The output of the two commands above should match. In case of a mismatch, the wrong key is in use for the certificate and so Apache will not start until the issue is resolved.

Last modification September 9, 2020

Kubeapps

Kubernetes Tutorials

Documentation

Tutorials

Support

Open Source

We're hiring

Resources

Newsroom

About Us

Careers

Partners

Troubleshoot SSL certificates and keys

Products

Projects

Solutions

Company

Legal

Support