Apache cannot start: Private key not found

Created:

2016-11-16 12:40:50 UTC

Modified:

2017-04-24 12:15:30 UTC

0

Was this article helpful?


Have more questions?

Submit a request

Apache cannot start: Private key not found

Applicable to:

  • Plesk 12.5 for Linux

Symptoms

  1. Apache web server cannot start with the following error in /var/log/apache2/error.log :
    [Thu Sep 15 13:35:57.874247 2016] [ssl:error] [pid 13258:tid 140571071620992] AH02579: Init: Private key not found
    [Thu Sep 15 13:35:57.874265 2016] [ssl:error] [pid 13258:tid 140571071620992] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
    [Thu Sep 15 13:35:57.874273 2016] [ssl:error] [pid 13258:tid 140571071620992] SSL Library Error: error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
    [Thu Sep 15 13:35:57.874279 2016] [ssl:error] [pid 13258:tid 140571071620992] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
    [Thu Sep 15 13:35:57.874285 2016] [ssl:error] [pid 13258:tid 140571071620992] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=RSA)
    [Thu Sep 15 13:35:57.874293 2016] [ssl:error] [pid 13258:tid 140571071620992] SSL Library Error: error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib
    [Thu Sep 15 13:35:57.874299 2016] [ssl:error] [pid 13258:tid 140571071620992] SSL Library Error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
    [Thu Sep 15 13:35:57.874305 2016] [ssl:error] [pid 13258:tid 140571071620992] SSL Library Error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error (Type=PKCS8_PRIV_KEY_INFO)
    [Thu Sep 15 13:35:57.874308 2016] [ssl:emerg] [pid 13258:tid 140571071620992] AH02312: Fatal error initialising mod_ssl, exiting.
    [Thu Sep 15 13:35:57.874310 2016] [ssl:emerg] [pid 13258:tid 140571071620992] AH02564: Failed to configure encrypted (?) private key horde.webmail:443:0, check /opt/psa/var/certificates/cert04ug6MB
    AH00016: Configuration Failed

Cause

Default Plesk certificate /opt/psa/var/certificates/cert04ug6MB is corrupted or contains invalid data

Resolution

  1. Check ownership and permission for certificate file /opt/psa/var/certificates/cert04ug6MB . It should be as follows:

    # stat /opt/psa/var/certificates/cert04ug6MB
    File: `/opt/psa/var/certificates/cert04ug6MB'
    Size: 2973 Blocks: 8 IO Block: 4096 regular file
    Device: a090b631h/2693838385d Inode: 422151 Links: 1
    Access: (0400/-r--------) Uid: ( 0/ root) Gid: ( 0/ root)
    Access: 2016-09-16 00:37:48.149111885 +0700
    Modify: 2016-07-23 03:57:47.520196893 +0700
    Change: 2016-07-23 03:57:47.523196936 +0700
  2. Replace content of this file with a private key and a ceritificate which should be taken from fields Private key (*.key) and Certificate (*.crt) on Home > Tools & Settings > SSL Certificates > default certificate page. It should look like as follows:

    # cat /opt/psa/var/certificates/cert04ug6MB
    -----BEGIN PRIVATE KEY-----
    MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDQ+ke3XbjTkO62
    LGDW2yTo2X4rjaQPWBFj+TNHy8J7JMa0EVna0j4ah+GY972QnWAmUGWxWBCyMJKO
    xsryWcrFLKge4dci1bdCTO1r7csb19b+4GhjHfKOEWj58Wa5XE9yPPylkATVhsrD
    OrPJuf+bqt7oMgGt42jJc3p+7nHpQLpJin2Hm9gwo4CtytwumDtx3lilBGWmgtfc
    9Yi3jjomNQkXEDWPPJvXIdBEtLF9hRXnIzDZae2VFlb0M+FuHacI+mOZbQ0SFXar
    ...
    k34tlEF5uqBncdTgybHpNS9Ko45oafdc000OUw8bu1dsk5gcIrnIZs+BPYySR5eC
    rz41ib6Hd5VOTy4Nnd03/FXW
    -----END PRIVATE KEY-----
    -----BEGIN CERTIFICATE-----
    MIIDfTCCAmUCBFeSiEYwDQYJKoZIhvcNAQELBQAwgYIxCzAJBgNVBAYTAlVTMRMw
    EQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdTZWF0dGxlMQ0wCwYDVQQKEwRP
    ZGluMQ4wDAYDVQQLEwVQbGVzazEOMAwGA1UEAxMFUGxlc2sxHTAbBgkqhkiG9w0B
    ...
    LudVURyHKwKKH+PTkX6YfQWCmwhnY/KzveK0ytr+EIG6
    -----END CERTIFICATE-----
Have more questions? Submit a request
Please sign in to leave a comment.