I’m thinking it’s connected with IW, which currently can only produce a SHA1, unless it’s been updated to SHA2.
How did you create SHA2, was it from ssh with OpenSSL
You could try to replace the key etc directly from /home/siteworx domain/var/domain/SSL I think from memory to see if that works, but a good pointer I found was to restart apache from ssh service httpd stop and service httpd start.
we’re using Startcom certificates and I created my private key there. So you’re saying Interworx doesn’t support SHA2? Or it simply can’t create them yet?
I’ll have a look at /home/siteworx domain/var/domain/SSL now…
I thought you had created a private SSL and not paid SSL.
Why are you replacing the private key and not just installing the cert, which you would have had your private key created before creating the csr.
My best advice for quickness, is to start again on siteworx SSL, ie delete all SSL settings, create new private key, create csr, regenerate SSL from provider, install only the cert and chain
Test, if not working restart apache manually from ssh ie do stop and then start, not a restart
I’ve just tried following your advice (replacing key). Naturally I did try to install the private key first, exactly as I got it from the provider. That’s my original problem, resulting in “Supplied private key data is invalid”.
I didn’t want to use CSR, I’ve created my private and public keys at the provider, but Siteworx wouldn’t accept that private key.
Many thanks, I think but could be wrong, sorry, that it is because IW can only create SHA1, which would give a SHA1 csr, but can accept and use SHA2 Certs and chains.
I know IW will be working on updating SHA1 to 2, but not to sure when it’s expected.
Hopefully another user who has experience of SSL creation from outside IW will post, but sorry, we have always generated SSL from csr.
Like always the Interworx support was awesome and able to help me. They found out that the private keys we received from Startcom are encrypted by default and have to be decrypted first in order to be accepted by Nodeworx/Siteworx.
Startcom has a tool to decrypt keys with the respective passphrase and using that decrypted key then finally worked.
More explanation from Robert: If a private key is encrypted with a passphrase, we would need to insert the passphrase every time there’s an httpd restart. Which happens regularly as part of InterWorx’s cron, as well as any time you add a new account or domain. So that’s why they don’t/can’t work.