Announcement

Collapse
No announcement yet.

Supplied private key data is invalid

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Supplied private key data is invalid

    Hey all,

    I just created a new certificate (4096 SHA2) for a siteworx account and want to install the private key. But I get the following error:

    There was a problem validating the form. Please see details below.
    Supplied private key data is invalid!

    Any ideas why that would happen? I've tried copy-pasting the key in several ways, no luck...

    Cheers,

    Michael

  • #2
    Hi Michael

    I'm thinking it's connected with IW, which currently can only produce a SHA1, unless it's been updated to SHA2.

    How did you create SHA2, was it from ssh with OpenSSL

    You could try to replace the key etc directly from /home/siteworx domain/var/domain/SSL I think from memory to see if that works, but a good pointer I found was to restart apache from ssh service httpd stop and service httpd start.

    I hope that helps and sorry if I am wrong

    Many thanks

    John

    Comment


    • #3
      Hi John,

      we're using Startcom certificates and I created my private key there. So you're saying Interworx doesn't support SHA2? Or it simply can't create them yet?

      I'll have a look at /home/siteworx domain/var/domain/SSL now...

      Muchas gracias

      Michael

      Comment


      • #4
        I've tried replacing the key, restarted Apache, but get this error when entering the SSL certificate:
        Supplied private key data is invalid!
        :-(

        Comment


        • #5
          Hi Michael

          Sorry, IW can use SHA2 Certs, our Certs are SHA2.

          I thought you had created a private SSL and not paid SSL.

          Why are you replacing the private key and not just installing the cert, which you would have had your private key created before creating the csr.

          My best advice for quickness, is to start again on siteworx SSL, ie delete all SSL settings, create new private key, create csr, regenerate SSL from provider, install only the cert and chain

          Test, if not working restart apache manually from ssh ie do stop and then start, not a restart

          Hope that helps

          Many thanks

          John

          Comment


          • #6
            Hey John,

            I've just tried following your advice (replacing key). Naturally I did try to install the private key first, exactly as I got it from the provider. That's my original problem, resulting in "Supplied private key data is invalid".

            I didn't want to use CSR, I've created my private and public keys at the provider, but Siteworx wouldn't accept that private key.

            Cheers, Michael

            Comment


            • #7
              Hi Michael

              Many thanks, I think but could be wrong, sorry, that it is because IW can only create SHA1, which would give a SHA1 csr, but can accept and use SHA2 Certs and chains.

              I know IW will be working on updating SHA1 to 2, but not to sure when it's expected.

              Hopefully another user who has experience of SSL creation from outside IW will post, but sorry, we have always generated SSL from csr.

              Sorry I couldn't be more helpful

              Many thanks

              John

              Comment


              • #8
                Like always the Interworx support was awesome and able to help me. They found out that the private keys we received from Startcom are encrypted by default and have to be decrypted first in order to be accepted by Nodeworx/Siteworx.
                Startcom has a tool to decrypt keys with the respective passphrase and using that decrypted key then finally worked.

                More explanation from Robert: If a private key is encrypted with a passphrase, we would need to insert the passphrase every time there's an httpd restart. Which happens regularly as part of InterWorx's cron, as well as any time you add a new account or domain. So that's why they don't/can't work.

                Hope that information helps others too.

                Comment

                Working...
                X