Ooops, my bad.
~$ sudo openssl rsa -in /etc/ssl/private/owncloud.key -check RSA key ok So the key file itself is not the problem... Am Mo, 29. Sep 2014, um 22:15, schrieb Benjamin Oppermann: So should I revoke the changes to permissions I made, or remove permissions for my user, leaving only root? ~$ openssl rsa -in /etc/ssl/private/owncloud.key -check Error opening Private Key /etc/ssl/private/owncloud.key 139748944725664:error:0200100D:system library:fopen:Permission denied:bss_file.c:398:fopen('/etc/ssl/private/owncloud.key','r' ) 139748944725664:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:400: unable to load Private Key I take it this means the key file is broken? Am Mo, 29. Sep 2014, um 21:57, schrieb Daniel: a private key should never be accesible to groups or others, just root as read only. Having said this... have you checked the key file is correct? try this: openssl rsa -in /etc/ssl/private/owncloud.key -check 2014-09-29 21:22 GMT+02:00 Benjamin Oppermann <[1]ben....@eml.cc>: Ok, I tried this. The permissions are now: ~$ sudo ls -l /etc/ssl/private/owncloud.key -rw-r--r-- 1 root ben 1704 Sep 28 04:01 /etc/ssl/private/owncloud.key I still get the same error. Regards Ben Am Mo, 29. Sep 2014, um 14:12, schrieb Bremser, Kurt (AMOS Austria GmbH): > The first thing that I'd try is > sudo chmod go+r /etc/ssl/private/owncloud.key > > Kurt Bremser > AMOS Austria > > Newton was wrong. There is no gravity. The Earth sucks. > ________________________________________ > Von: Benjamin Oppermann [ben....@eml.cc] > Gesendet: Montag, 29. September 2014 13:31 > An: [2]users@httpd.apache.org > Betreff: **SPAM?** [users@httpd] "corrupted content" error, httpd can't > access SSL key file [wd-vc] > > Hi, > I can't reach my website, I get a "corrupted content" error message in > the browser. > Looking into apache (version 2.4.7 on Ubuntu 14.04), I get > > ~$ apachectl -S > AH00526: Syntax error on line 22 of > /etc/apache2/sites-enabled/000-default.conf: > SSLCertificateKeyFile: file '/etc/ssl/private/owncloud.key' does not > exist or is empty > Action '-S' failed. > > However, I double checked that the file is in the appropriate location > and does contain the key, so maybe apache has no permission. afaik, it > doesn't run as root all the time - or only for a short time? > permissions for the key file are as follows: > > ~$ sudo ls -l /etc/ssl/private/owncloud.key > -rw------- 1 root ben 1704 Sep 28 04:01 > /etc/ssl/private/owncloud.key > > , where ben is my normal user. > It was suggested to me on the httpd IRC channel that maybe apparmor was > doing something wrong, but I don't know how to investigate that. > I did have a working configuration and made no changes to it before this > happened. The only change I made was to put a router between the second > gateway and the server and resolved the domain name to its local IP > inside the network (the page isn't reachable from inside either). > Just so you know, this is the first time I am setting up a server, and I > am all self-taught. > Reading suggestions for a good start are appreciated, but of course a > how-to or specific section of a manual would be more helpful than a > generic exhortation to rtfm :-) > Any hints? > Thanks, Ben > > --------------------------------------------------------------- ------ > To unsubscribe, e-mail: [3]users-unsubscr...@httpd.apache.org > For additional commands, e-mail: [4]users-h...@httpd.apache.org > --------------------------------------------------------------- ------ > To unsubscribe, e-mail: [5]users-unsubscr...@httpd.apache.org > For additional commands, e-mail: [6]users-h...@httpd.apache.org > --------------------------------------------------------------- ------ To unsubscribe, e-mail: [7]users-unsubscr...@httpd.apache.org For additional commands, e-mail: [8]users-h...@httpd.apache.org References 1. mailto:ben....@eml.cc 2. mailto:users@httpd.apache.org 3. mailto:users-unsubscr...@httpd.apache.org 4. mailto:users-h...@httpd.apache.org 5. mailto:users-unsubscr...@httpd.apache.org 6. mailto:users-h...@httpd.apache.org 7. mailto:users-unsubscr...@httpd.apache.org 8. mailto:users-h...@httpd.apache.org