Monday, November 14, 2022

Nginx ssl X509 check private key values mismatch

 

SYMPTOMS

nginx[100845]: nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/letsencrypt/xxx.com/private.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)

ROOT CAUSE

I tried to combine ca_bundle.crt and certificate.crt into a new certificate.crt, but I mixed the order up.

  • wrong version
cat ca_bundle.crt certificate.crt > jfrog_certificate.crt
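  • verify that the certificate and private key match (openssl x509 reads only the first certificate in the file, so with this order the CA certificate's modulus is compared with the key)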
# openssl x509 -noout -modulus -in jfrog_certificate.crt | openssl md5
(stdin)= 4a3cdea116805b67e64ff1a29f2ae8ed
# openssl rsa -noout -modulus -in private.key  | openssl md5
(stdin)= afdb98a0c92f175c86af2d241adb215f

Solution

Change the order and create the new certificate.crt again.

  • correct version
cat certificate.crt ca_bundle.crt  > jfrog_certificate.crt
  • verify that the certificate and private key match
# openssl x509 -noout -modulus -in jfrog_certificate.crt | openssl md5
(stdin)= afdb98a0c92f175c86af2d241adb215f
# openssl rsa -noout -modulus -in private.key  | openssl md5
(stdin)= afdb98a0c92f175c86af2d241adb215f

P.S

A CA bundle is a file that contains root and intermediate certificates. The end-entity certificate along with a CA bundle constitutes the certificate chain.
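The check above, generalized as an added example (not part of the original post): it reports which certificate in the combined file matches the private key, so a swapped order shows up as position 2 instead of 1. It compares public keys rather than RSA moduli, so it also works for EC keys; the function names and the throwaway demo certificates are assumptions made for illustration.

```shell
# Added example (not from the original post). Compares public keys, so it
# works for both RSA and EC private keys.

# SHA-256 of the public key derived from a private key file.
key_fp() {
  local pub
  pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
  printf '%s\n' "$pub" | openssl sha256 | awk '{print $NF}'
}

# SHA-256 of the public key of the Nth (1-based) certificate in a PEM file.
cert_fp() {
  local pub
  pub=$(awk -v n="$2" '/-----BEGIN CERTIFICATE-----/{i++} i==n' "$1" |
    openssl x509 -noout -pubkey 2>/dev/null) || return 1
  printf '%s\n' "$pub" | openssl sha256 | awk '{print $NF}'
}

# Print the position of the certificate that matches the key (0 if none).
# nginx needs this to be 1: the server certificate must come first.
matching_position() {
  local want total i
  want=$(key_fp "$2") || { echo 0; return 1; }
  total=$(grep -c -e '-----BEGIN CERTIFICATE-----' "$1") || true
  i=1
  while [ "$i" -le "${total:-0}" ]; do
    if [ "$(cert_fp "$1" "$i")" = "$want" ]; then echo "$i"; return 0; fi
    i=$((i + 1))
  done
  echo 0; return 1
}

# Constructed sample input: two throwaway self-signed certificates stand in
# for ca_bundle.crt and certificate.crt; private.key matches only the latter.
make_demo() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=demo CA" \
    -keyout "$1/ca.key" -out "$1/ca_bundle.crt" 2>/dev/null
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=xxx.com" \
    -keyout "$1/private.key" -out "$1/certificate.crt" 2>/dev/null
  cat "$1/ca_bundle.crt" "$1/certificate.crt" > "$1/wrong.crt"
  cat "$1/certificate.crt" "$1/ca_bundle.crt" > "$1/right.crt"
}

# Stand-alone use: script.sh <combined.crt> <private.key>
if [ "$#" -eq 2 ]; then matching_position "$1" "$2"; fi
```

Any result other than 1 means nginx would load a certificate that does not belong to the key and fail with the same "key values mismatch" error.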


Monday, March 7, 2022

Running Docker on macOS M1 Issue

macOS Version - sw_vers

ProductName:    macOS
ProductVersion:    12.2.1
BuildVersion:    21D62

macOS detail Version - system_profiler SPSoftwareDataType

Software:

    System Software Overview:

      System Version: macOS 12.2.1 (21D62)
      Kernel Version: Darwin 21.3.0
      Boot Volume: Macintosh HD
      Boot Mode: Normal
      Computer Name: ooo的MacBook Pro
      User Name: ooo (Nobody)
      Secure Virtual Memory: Enabled
      System Integrity Protection: Enabled
      Time since boot: 1 day 13:57

Issue: qemu-x86_64: Could not open '/lib64/ld-linux-x86-64.so.2': No such file or directory

Just add --platform=linux/amd64 to the FROM line in the Dockerfile:

FROM --platform=linux/amd64 ubuntu:20.04


Thanks to my colleague - Alan Chen.