Search Engine: Elastic

Article ID: 131242, created on Aug 4, 2017, last review on Mar 13, 2018

  • Applies to:
  • Operations Automation


OA Control Panel is unavailable.

Apache service does not start on UI node(s) with an SSL error in /var/log/httpd/error.log:

[Fri Aug 04 12:21:04 2017] [error] Unable to configure RSA server private key
[Fri Aug 04 12:21:04 2017] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch

Using strace during Apache service start reveals a broken brand configuration:

# strace -vvvttTfs1024 -e open service httpd start
1015390 12:43:43.416551 open("/etc/pki/tls/certs/", O_RDONLY) = 11 <0.000046>

The failure occurs after reading the mentioned crt file. There is a certificate/key pair mismatch:

[root@linui01 ~]# openssl x509 -noout -modulus -in  | openssl md5
(stdin)= 21bf98a442ef1129c9903c77f9cbb740
[root@linui01 ~]# openssl rsa -noout -modulus -in /etc/pki/tls/private/  | openssl md5
(stdin)= fb433e40b6d23e511a92cc3b97b33b62


Reseller managed to upload a broken certificate, leading to the Apache service crash.

The issue is planned to be improved in scope of POA-110175 (fixed in 7.1), POA-113379 (fixed in 7.3), POA-114635 and APS-44292 requests.


As a quick workaround, remove the faulty brand from Apache configuration:

# mv /etc/httpd/conf.d/ /root/

To fix the issue, make sure the correct certificate is installed for the brand.

5356b422f65bdad1c3e9edca5d74a1ae caea8340e2d186a540518d08602aa065 e12cea1d47a3125d335d68e6d4e15e07

Email subscription for changes to this article
Save as PDF