1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

SSL installation problem

Discussion in 'Plesk for Linux - 8.x and Older' started by Joelee, Apr 3, 2006.

  1. Joelee

    Joelee Guest

    Hi I have just bought a SSL certificate from RapidSSL. When I was installing it from control panel of Plesk, it has below problem:

    unable to set the private key: probably the private key format is invalid.

    Is the private key the one I used to create the csr file please?

    Any response would be highly appreciated.

    Thank you in advance.
  2. Joelee

    Joelee Guest

    Hi I have found the solution: the problem relates to my private key being encrypted with a passphrase.
  3. jas8522

    jas8522 Basic Pleskian

    Feb 3, 2005
    Likes Received:
    Halifax, Nova Scotia Canada
    Solution for this

    It took me a long time to find the solution to this problem, and here it is for anyone else who comes upon it.

    Rather than having to generate a key with Plesk and order another SSL, you can do the following:

    1) Remove the encrypted password from the key:

    Remove the encryption from the RSA private key (while keeping a backup copy of the original file):

    $ cp server.key server.key.org
    $ openssl rsa -in server.key.org -out server.key

    Make sure the server.key file is only readable by root:

    $ chmod 400 server.key

    Then just import in to Plesk! I found these directions at http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#removepassphrase for reference.

    Or, if you really want the encrypted password, then you can copy the https section out of the httpd.include in /conf for your virtual host. Then disable SSL for the domain, and create a new file: /etc/httpd/conf/yourdomain.conf and paste in the info you copied before. Cut out everything except what is between <ifmodule mod_ssl> and </ifmodule> (should be quite large).

    Change the key to point to wherever you put the key and cert (usually /etc/httpd/conf/ssl.key and ssl.crt). Then in httpd.conf (before the line: include /etc/httpd/conf/httpd.include) put in: include /etc/httpd/conf/yourvhost.conf.

    Reboot Apache and it will prompt you for your security password!

    I really dislike the latter way of doing it, as it is quite messy, but it is indeed more secure if you require it.

    You will have to change the paths I included here to match your distro of course!