"OpenSSL:error:0B080074:x509 certificate routines:x509_check_private_key:key values mismatch"

Posted on 4:30 PM by Bharathvn

This problem will occur if the private key and certificate do not match.To resolve this problem, specify the correct private key for the certificate. Compare the modulus of the certificate against the modulus of the private key to see if they match. Follow these steps:

1. View the certificate modulus using the following command:

openssl x509 -noout -text -in www.mydomain.com.crt –modulus



2. View the key using the following command:

openssl rsa -noout -text -in www.mydomain.com.key –modulus


3. Verify the following:

o Verify that the certificate and private key is saved in notepad/vi and that it has no trailing spaces.
o The "modulus" and "public exponent" portions in the key and the certificate must match exactly.
o Verify the modulus of the default server.key file as the CSR could have been generated off this key.
o You should also check the httpd.conf file to make sure that the directives are pointing to the correct private key and certificate.
o Search for all private keys on your server and compare the modulus. Use the following commands: locate "*.key" or find / -name "*.key"

4. If they do not match, you will have to reissue your certificate.