openssl rsa -noout -modulus -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
unable to load Private Key
139850916881792:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:686:Expecting: ANY PRIVATE KEY
1 Like
OK you can’t use
openssl rsa …
with an ECC key.
1 Like
grep '\-\-\-\-' /root/.acme.sh/cloud.hugoclo411.xyz_ecc/
1 Like
grep: /root/.acme.sh/cloud.hugoclo411.xyz_ecc/: Is a directory
1 Like
then:
grep '\-\-\-\-' /root/.acme.sh/cloud.hugoclo411.xyz_ecc/*
or
grep -R '\-\-\-\-' /root/.acme.sh/cloud.hugoclo411.xyz_ecc/
1 Like
grep -R ‘----’ /root/.acme.sh/cloud.hugoclo411.xyz_ecc/
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.csr:-----BEGIN CERTIFICATE REQUEST-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.csr:-----END CERTIFICATE REQUEST-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/backup/fullchain.bak:-----BEGIN CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/backup/fullchain.bak:-----END CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/backup/fullchain.bak:-----BEGIN CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/backup/fullchain.bak:-----END CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/ca.cer:-----BEGIN CERTIFICATE-----
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/ca.cer:-----END CERTIFICATE-----
1 Like
the files are gone…
moved?
maybe when you issued the
--install-cert
find / -name cloud.hugo*
1 Like
find / -name cloud.hugo*
/root/.acme.sh/cloud.hugoclo411.xyz_ecc
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.csr
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.conf
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.cer
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.csr.conf
/root/.acme.sh/cloud.hugoclo411.xyz
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.csr
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.conf
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.cer
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.key
/root/.acme.sh/cloud.hugoclo411.xyz/cloud.hugoclo411.xyz.csr.conf
1 Like
Please show this public cert file:
And we seem to have lost the "fullchain.cer" file...
1 Like
Also, please show to confirm they match:
openssl ec -pubout -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key openssl x509 -pubkey -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.cer
If matched, then update file:
/etc/nginx/sites-enabled/nextcloud.conf
ssl_certificate /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.cer;
ssl_certificate_key /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key;
1 Like
openssl ec -pubout -in /root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
read EC key
unable to load Key
139929287808384:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:686:Expecting: ANY PRIVATE KEY
1 Like
It was there earlier...
But now it is not there.
1 Like
please show only top part of this private file - FIRST LINE ONLY:
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/cloud.hugoclo411.xyz.key
1 Like
maybe you can just reissue a new cert (without doing the --install-cert):
acme.sh --force --standalone --issue -d cloud.hugoclo411.xyz --k ec-384
Then start nginx
systemctl start nginx
1 Like
acme.sh --force --standalone --issue -d cloud.hugoclo411.xyz --keylength ec-384
[Mon Dec 17 22:23:08 CET 2018] Standalone mode.
[Mon Dec 17 22:23:08 CET 2018] Single domain='cloud.hugoclo411.xyz'
unable to load Private Key
140581453714816:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:686:Expecting: ANY PRIVATE KEY
[Mon Dec 17 22:23:08 CET 2018] Create CSR error.
[Mon Dec 17 22:23:08 CET 2018] Please add '--debug' or '--log' to check more details.
[Mon Dec 17 22:23:08 CET 2018] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub
first move or delete the files in:
/root/.acme.sh/cloud.hugoclo411.xyz_ecc/
Then
1 Like
also please show:
openssl version
1 Like
OpenSSL 1.1.0j 20 Nov 2018
1 Like
/.acme.sh# acme.sh --force --standalone --issue -d cloud.hugoclo411.xyz --keylength ecc-384
[Mon Dec 17 22:35:56 CET 2018] Standalone mode.
[Mon Dec 17 22:35:56 CET 2018] Creating domain key
[Mon Dec 17 22:35:56 CET 2018] Create key error.
[Mon Dec 17 22:35:56 CET 2018] Single domain='cloud.hugoclo411.xyz'
unable to load Private Key
139705709929856:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:686:Expecting: ANY PRIVATE KEY
[Mon Dec 17 22:35:56 CET 2018] Create CSR error.
[Mon Dec 17 22:35:56 CET 2018] Please add '--debug' or '--log' to check more details.
[Mon Dec 17 22:35:56 CET 2018] See: How to debug acme.sh · acmesh-official/acme.sh Wiki · GitHub
1 Like
1 Like