Replaced privatekey with StartSSL generated private key. Unable to connect to server

Hello, I’ve messed up quite a bit.

I’m trying to configure my SSL certificate. I made a mistake on StartSSL and did not provide CSR. Instead I generated a private key. StartSSL then gave me a certificate. When I try to install this certificate I get the following error

“The certificate does not correspond to the private key at /home/user-data/ssl/ssl_private_key.pem.”

So, I replaced ssl_private_key.pem and replaced it with the private key startssl gave me. I then rebooted the server, ran setup again (sudo mailinabox). It says mailinabox is running after the setup. I then tried to log into the web admin page and was unable to connect (Problem loading page firefox)

I understand what I did was probably a terrible idea. This is just something I’m doing as a fun project, so it’s no big deal if I need to just clear the machine/start over/whatever. However, I would like to know what I did wrong and if it’s possible to fix it so I can learn.

Thank you in advance.

It depends on what exactly the error is.

If you delete everything in /home/user-data/ssl and then re-run Mail-in-a-Box setup, it’ll get you working again.

Alright. I will do that. I’ll update with the progress. Thank you so much Josh for your work here!

deleted ssl directory then rebooted. Now I can connect to server. Thanks!

Now I got this SSL cert with StartSSL. Is there any server-side changes I can make that will let the SSL cert match with the private key? I don’t want to revoke the current cert. Once again, thanks. If I find an answer before a response I’ll be sure to post it.

What you did wasn’t actually wrong. Maybe it was working(-ish) but you didn’t include intermediate certificates. Without more details on what went wrong it’s hard to say, plus I don’t really support doing things that don’t follow the instructions (just for lack of time).

I think I did the same with my TLD at StartSSL. Unfortunately without a wildcard as far as I know – e.g., it shows up as rather than * on the StartSSL page. I’m really an SSL noob – what files should I generate at StartSSL and where do I put them to get it working?

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.