Reissued SSL certificate but doesn't have .key file

0
votes

The issue I'm having is reinstalling an SSL certificate purchased through Namecheap.
When I purchased the certificate, I received a .zip file with these files:

  • domainname.ca-bundle
  • domainname.crt
  • domainname.p7b

When trying to install the SSL certificate, on an apache2 server using SSH, it was originally configured to use a .key file. I have tried modifying the certificate to use p7b but this generates an error.
Here is the code:

 SSLEngine on
 SSLCertificateFile /var/www/domainname/public_html/domainname.crt
 SSLCertificateKeyFile /var/www/domainname.ca/public_html/domainname.p7b
 SSLCertificateChainFile /var/www/domainname.ca/public_html/domainname.ca-bundle

What modifications or changes must I make in order to install this SSL Certificate?
Thanks for any help or assistance in this matter, been trying to fix this for a while!

1
sslssl-certificateapache2
None of those files are the private key. The private key normally does not come from the CA. You generate it locally, with the CSR, and get back a certificate. You will need to find which private key you used for this certificate and use it in SSLCertificateKeyFile. Have a look at knowledge.digicert.com/generalinformation/INFO4448.htmlPatrick Mevzek
Hey Patrick, your advice was spot on. I looked up some openssl commands to compare the .key and .cert file to make sure they matched. It was indeed the incorrect .key file and I managed to find the correct key to install it correctly. Thank you for your helpful advice and here is the source I used for the commands: ssl.com/faqs/… In case this helps someone else with the same issue.RichardManson
You should post an answer to your own questions with details on what you did, so that it could help others in the future, and then just acknowledge your answer as the correct one, so that the question is then closed properly.Patrick Mevzek
I've added an answer now, thanks Patrick! Still getting used to the protocol for asking questions here.RichardManson

1 Answers

0
votes

I looked up some openssl commands to compare the .key and .cert file to make sure they matched. It was indeed the incorrect .key file and I managed to find the correct key to install it correctly. Thank you for your helpful advice and here is the source I used for the commands: https://www.ssl.com/faqs/how-do-i-confirm-that-a-private-key-matches-a-csr-and-certificate/ In case this helps someone else with the same issue. – RichardManson 3 hours ago