HomeBlogschris's blog

Apache SSL - "Init: Private key not found"

Mon, 2008-12-08 17:08 — chris

When configuring Apache2 + SSL, you might experience the following error:

[error] Init: Private key not found

If you've followed a set of instructions like the Debian "Setting up an SSL Server with Apache2", or Ubuntu's "Apache2 SSL Setup", but you're stuck with this error message, the error really does mean what it's saying - which is that Apache can't find the private key component of your new SSL certificate.

You may have received back from your cert authority (or self-generated) a certificate file, which looks something like

-----BEGIN CERTIFICATE-----
MIICuzCCAiQCCQDE5NPAzcMKujANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMC
TloxEzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAcTC1dpZGdldFZpbGxlMRYw
FAYDVQQKEw1JbWFnaW5hcnlDb3JwMRQwEgYDVQQLEwtIZWFkIE9mZmljZTEYMBYG
A1UEAxMPc3NsLmV4YW1wbGUub3JnMR8wHQYJKoZIhvcNAQkBFhBpbmZvQGV4YW1w
bGUub3JnMB4XDTA4MTIwODA3MjEyNloXDTA5MDEwNzA3MjEyNlowgaExCzAJBgNV
BAYTAk5aMRMwEQYDVQQIEwpTb21lLVN0YXRlMRQwEgYDVQQHEwtXaWRnZXRWaWxs
ZTEWMBQGA1UEChMNSW1hZ2luYXJ5Q29ycDEUMBIGA1UECxMLSGVhZCBPZmZpY2Ux
GDAWBgNVBAMTD3NzbC5leGFtcGxlLm9yZzEfMB0GCSqGSIb3DQEJARYQaW5mb0Bl
eGFtcGxlLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtQHY7CiNJGav
nkLS2+g50ZPXdopO1DWSYcecRkuz3nyYS0op5NftG8Tv4F4EMe3PMcQxqlndf83u
fcp82i5EBquHVkB9oDqqkobhifa5HoV5xYTBoyvZcHZEPc+g2f1eMQPeY36AKL9q
31/SF+oGndCTYtgAQRIwMC41JJwbdOUCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAb
qbfSYG7lyJ+sX6e9tSXp+bBeFpx2QuSyMVdns/SAHXRawIFIoA7hxJNhruLLbBTd
1wMDxJuOlFLTcqnJuvBl/tjgdGZAl3/AwmB7mcVbPUkkgw1WvDdjR7t9uIWegRED
NDDZLTU5gMnXQyv7Wc1pWBUkh88q74qAUptzqZI04g==
-----END CERTIFICATE-----

If your .pem file in /etc/apache2/ssl/example.org.pem contains this, and gives the error above, you probably need to insert the KEY which was used to request the certificate into the same file. Apache is trying to warn you that while Apache can find the certificate, it can't find the private key which needs to be available as well.

If so, just combine both of these files together to create a complete .pem file, which will look something like:

-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQC1AdjsKI0kZq+eQtLb6DnRk9d2ik7UNZJhx5xGS7PefJhLSink
1+0bxO/gXgQx7c8xxDGqWd1/ze59ynzaLkQGq4dWQH2gOqqShuGJ9rkehXnFhMGj
K9lwdkQ9z6DZ/V4xA95jfoAov2rfX9IX6gad0JNi2ABBEjAwLjUknBt05QIDAQAB
AoGAR1fGDzbggrNyjtdZ0tFSULeL2i4jaeL/okiR4OcfqxbC1BIUNx2gWCykO3Pz
BVbtLnlc9f7bne8mDDCOS1Sm/KtE9YE8JgXpNocymE48Duw6MKTrcuEkWf3Sd4c7
enoxBTBQ2ASH2QpGp15UCMmTm5IB1kPTHk+oNk1MtB0UxrUCQQDw43x0BEykIC2V
IXyGVmdgjpiFcq2nreq/5zVVKt/AswqEc7laUcthNMDK47q3VOLtOJPV5LxIbevb
cJAEe8FzAkEAwFy0e8aMEVwoOmS7QyFdEG6wukAqICuH6SkUE6N61Ha/2cBO+GM7
YiiqF9NyH4NtJ0SRDPnAhXhGY7mOSAh6RwJBAMZvb18XB5eQVlxqWG1FkiVNckFE
Jd9iemYZbaq6BdZ05u4TcpX/mV17GnJIRNCvYbxvBgGGSsATpN6BDHJVDBcCQCOZ
BE1jkMglpcwol/70TaSc11egSCtr4trjHzQDLNfkodxKGlMdCgBARjnih1wNlkWO
Csm77kTE3UHXNN1ftEECQQCeia3PP3mPJCu0FsjBQxNiiamCFIKy0pLGw+YganWu
zb096xArL+kwA0/SYE19OjT2shtp/NwWpwBjCYgJhSDV
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICuzCCAiQCCQDE5NPAzcMKujANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMC
TloxEzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAcTC1dpZGdldFZpbGxlMRYw
FAYDVQQKEw1JbWFnaW5hcnlDb3JwMRQwEgYDVQQLEwtIZWFkIE9mZmljZTEYMBYG
A1UEAxMPc3NsLmV4YW1wbGUub3JnMR8wHQYJKoZIhvcNAQkBFhBpbmZvQGV4YW1w
bGUub3JnMB4XDTA4MTIwODA3MjEyNloXDTA5MDEwNzA3MjEyNlowgaExCzAJBgNV
BAYTAk5aMRMwEQYDVQQIEwpTb21lLVN0YXRlMRQwEgYDVQQHEwtXaWRnZXRWaWxs
ZTEWMBQGA1UEChMNSW1hZ2luYXJ5Q29ycDEUMBIGA1UECxMLSGVhZCBPZmZpY2Ux
GDAWBgNVBAMTD3NzbC5leGFtcGxlLm9yZzEfMB0GCSqGSIb3DQEJARYQaW5mb0Bl
eGFtcGxlLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtQHY7CiNJGav
nkLS2+g50ZPXdopO1DWSYcecRkuz3nyYS0op5NftG8Tv4F4EMe3PMcQxqlndf83u
fcp82i5EBquHVkB9oDqqkobhifa5HoV5xYTBoyvZcHZEPc+g2f1eMQPeY36AKL9q
31/SF+oGndCTYtgAQRIwMC41JJwbdOUCAwEAATANBgkqhkiG9w0BAQUFAAOBgQAb
qbfSYG7lyJ+sX6e9tSXp+bBeFpx2QuSyMVdns/SAHXRawIFIoA7hxJNhruLLbBTd
1wMDxJuOlFLTcqnJuvBl/tjgdGZAl3/AwmB7mcVbPUkkgw1WvDdjR7t9uIWegRED
NDDZLTU5gMnXQyv7Wc1pWBUkh88q74qAUptzqZI04g==
-----END CERTIFICATE-----

Comments

Thu, 2010-01-21 02:55 — Anonymous (not verified)

THANK YOU! This is exactly

THANK YOU! This is exactly the problem I had, and I had no idea what was wrong, seeing as my key/cert were correct. I appreciate you putting this here, and now I have HTTPS!

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <pre> <code> <br> <h2> <h3> <h4> <h5> <h6>
  • Lines and paragraphs break automatically.

More information about formatting options

CAPTCHA
This question is for testing whether you are a human visitor and to prevent automated spam submissions.