I have Apache 2.2.8 running on Red Hat Enterprise Linux Server release 5 (Tikanga).
I have installed a purchased certificate on my server. Upon restarting httpd, I get the following error:
# /etc/init.d/httpd start
Apache/2.2.8 mod_ssl/2.2.8 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Server myserver.mydomain.com:443 (RSA)
Enter pass phrase:Apache:mod_ssl:Error: Private key not found.
**Stopped
In the log files, I can see the messages below:
[Mon Dec 21 21:21:23 2009] [error] Init: Private key not found
[Mon Dec 21 21:21:23 2009] [error] SSL Library Error: 218710120 error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag
[Mon Dec 21 21:21:23 2009] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Mon Dec 21 21:21:23 2009] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
[Mon Dec 21 21:21:23 2009] [error] SSL Library Error: 218734605 error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
[Mon Dec 21 22:18:34 2009] [info] Loading certificate & private key of SSL-aware server
[Mon Dec 21 22:18:34 2009] [info] Init: Requesting pass phrase via builtin terminal dialog
Apache is chrooted and the crt, csr and key files are found in the conf folder.
I used the commands below to check my .crt, .csr and .key files and they do match:
$ openssl x509 -noout -modulus -in server.crt | openssl md5
$ openssl rsa -noout -modulus -in server.key | openssl md5
$ openssl req -noout -modulus -in server.csr | openssl md5
I have even given the .key file 777 permissions.
I have read that there can be 3 workarounds to this problem, but none of these are suitable for me:
1. Buy a new certificate
2. Disable the pass-phrase
3. Unencrypt the .key file
I would appreciate any help I could get from you. Below are my config files found at /chROOT/usr/local/lamp/httpd.2.2.8/conf
Thanks beforehand
Nemo
********************************** httpd.conf******************************
ServerRoot "/usr/local/lamp/httpd-2.2.8"
Listen 443
Listen 80
LoadModule perl_module modules/mod_perl.so
LoadModule php5_module modules/libphp5.so
<IfModule !mpm_netware_module>
User myuser
Group mygroup
</IfModule>
ServerAdmin serveradmin@mydomain.com
ServerName #*$!.yyy.com:80
DocumentRoot "/websites/yyy/"
<Directory />
Options FollowSymLinks
AllowOverride AuthConfig
Order deny,allow
Deny from all
</Directory>
<Directory "/websites">
Options -Indexes FollowSymLinks
AllowOverride AuthConfig FileInfo Options Indexes
Order allow,deny
Allow from all
</Directory>
<IfModule dir_module>
DirectoryIndex index.php index.html
</IfModule>
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
ErrorLog "logs/error_log"
LogLevel debug
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access_log" common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/usr/local/lamp/httpd-2.2.8/cgi-bin/"
</IfModule>
<IfModule cgid_module>
</IfModule>
<Directory "/usr/local/lamp/httpd-2.2.8/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
DefaultType text/plain
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType application/x-httpd-php php
AddType application/x-httpd-php php3
AddType application/x-httpd-php-source phps
</IfModule>
ErrorDocument 403 [#*$!.yyy.com...]
ErrorDocument 404 [#*$!.yyy.com...]
Include conf/extra/httpd-vhosts.conf
Include conf/extra/httpd-default.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
SetOutputFilter DEFLATE
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:exe|t?gz|zip|bz2|sit|rar)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary
FileETag None
TraceEnable Off
***********************************httpd-vhosts.conf***********************************
NameVirtualHost *:443
NameVirtualHost *:80
<VirtualHost *:80>
ServerName #*$!.yyy.com
DocumentRoot /websites/yyy/
ErrorLog logs/#*$!-error_log
CustomLog logs/#*$!-access_log common
ServerAdmin serveradmin@mydomain.com
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/websites/myserver/"
ServerName myserver.mydomain.com
ErrorLog logs/myserver.mydomain-error_log
CustomLog logs/myserver.mydomain-access_log common
ServerAdmin serveradmin@mydomain.com
</VirtualHost>
********************************httpd-ssl.conf******************************************
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache "shmcb:/usr/local/lamp/httpd-2.2.8/logs/ssl_scache(512000)"
SSLSessionCacheTimeout 300
SSLMutex "file:/usr/local/lamp/httpd-2.2.8/logs/ssl_mutex"
<VirtualHost _default_:443>
DocumentRoot "/websites/myserver/"
ServerName myserver.mydomain.com:443
ServerAdmin serveradmin@mydomain.com
ErrorLog "logs/myserver.mydomain.com.ssl-error_log"
TransferLog "logs/myserver.mydomain.com.ssl-transfer_log"
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile "/usr/local/lamp/httpd-2.2.8/conf/myserver.mydomain.com.crt"
SSLCertificateKeyFile "/usr/local/lamp/httpd-2.2.8/conf/myserver.mydomain.com.key"
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/lamp/httpd-2.2.8/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog "/usr/local/lamp/httpd-2.2.8/logs/ssl_request_log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
ErrorDocument 403 http://xyz.example.com/error/
ErrorDocument 404 http://xyz.example.com/error/
ErrorDocument 403 /error/actual-filename.php
ErrorDocument 404 /error/actual-filename.php
Returning a 302 when a 404 (or 410) is needed can really trash your search engine rankings -- Essentially, *any* requested URL can be 'found' on your server, and once requested, will return a 200-OK status. This represents a form of 'infinite URL-space.' The result will be that any bogus URL which is linked-to anywhere on the Web will appear in the search results for your domain, along with the content of the error page.
Again, not knowing much about SSL, it still seems to me that the 'worst-looking' error message is the one about "Bad tag," so I'd dig into that one if this were my site.
Jim
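
The checks from the question (modulus comparison, key file permissions) together with a look at what the key file's PEM header says it contains, as an added example that is not part of the original thread. The function names are this example's own; only the `openssl x509`/`openssl rsa -noout -modulus` calls come from the post.

```shell
#!/bin/sh
# Added example; function names are this example's own (not from the thread).

# Report what a file named in SSLCertificateKeyFile really contains, judged
# from its PEM armour only, so no pass phrase is needed.
key_pem_kind() {
    if grep -q -e '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"; then
        echo pkcs8-encrypted
    elif grep -q -e '-----BEGIN PRIVATE KEY-----' "$1"; then
        echo pkcs8-plain
    elif grep -q -e '-----BEGIN RSA PRIVATE KEY-----' "$1"; then
        # Traditional format: encryption is flagged by a Proc-Type header.
        if grep -q '^Proc-Type: 4,ENCRYPTED' "$1"; then
            echo rsa-encrypted
        else
            echo rsa-plain
        fi
    elif grep -q -e '-----BEGIN CERTIFICATE' "$1"; then
        echo certificate-not-key
    else
        echo no-pem-key    # DER, truncated, or not a key at all
    fi
}

# Succeeds only when group and other have no access to the key file.
key_perms_private() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# The modulus comparison from the post as one test: 0 = match, 1 = mismatch,
# 2 = openssl could not read a file. An encrypted key prompts for its pass phrase.
pair_matches() {
    c=$(openssl x509 -noout -modulus -in "$1" 2>/dev/null) || return 2
    k=$(openssl rsa -noout -modulus -in "$2" 2>/dev/null) || return 2
    [ -n "$c" ] && [ "$c" = "$k" ]
}

# Usage: sh check_pair.sh server.crt server.key
if [ $# -eq 2 ]; then
    echo "key format: $(key_pem_kind "$2")"
    key_perms_private "$2" || echo "WARNING: key is accessible to group/other"
    if pair_matches "$1" "$2"; then echo "cert and key match"
    else echo "cert and key do NOT match (or could not be read)"; fi
fi
```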