Check SSL certificates and keys

TIP: To quickly get started with HTTPS and SSL, follow these instructions to auto-configure a Let’s Encrypt SSL certificate. You can also use our interactive training scenario to learn how to enable HTTPS support in Apache with Let’s Encrypt or a custom SSL certificate.

If you get an error like this in the Apache error log file, it is because an incorrect certificate or key is in use.

[Mon May 12 15:37:46.891294 201X] [ssl:emerg] [pid 15450] AH02565: Certificate and private key example.com:443:0 from /opt/bitnami/apps/your_app/conf/certs/server.crt and /opt/bitnami/apps/your_app/conf/certs/server.key do not match
  • Verify that the current key matches the certificate file with the following commands. Note that the “Modulus” section in the key and certificate must match.

  • Check your certificate:

    $ openssl x509 -noout -text -in server.crt -modulus | grep Modulus
  • Check your key:

    $ openssl rsa -noout -text -in server.key -modulus | grep Modulus

In case of a mismatch, the wrong key is in use for the certificate and so Apache will not start until the issue is resolved.