Monday, June 27, 2011

500 OOPS: SSL: cannot load RSA certificate

I recently set up a vsftpd 2.2.2 server running on Ubuntu Server 10.04 LTS that required SSL connections for the login and data transfer; however, I wasn’t able to get the commercial SSL certificate from Comodo (InstantSSL) to work with the service. I later found out that I needed to concatenate the certificate that I received from Comodo with their latest bundle certificate, which I blogged about here before. However, I personally still couldn’t get this to work after much trial and error. Starting the vsftpd daemon from the command line would produce the message “500 OOPS: SSL: cannot load RSA certificate”.

After a volley of email back and forth with Comodo Support over the past three weeks, they helped me to isolate the problem. I was missing a single “-” at the end of my server certificate. At the end of your certificate it should have “-----END CERTIFICATE-----”, that’s five dashes on either side. I had four on the right-hand side, which prevented vsftpd from starting (although Apache never complained). I had searched on this error all over the Internet and never found a mention of this, so if you’re here searching on this error, check your dashes!
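A way to run the "check your dashes" step automatically over a concatenated certificate file, as an added example that is not part of the original post. It goes slightly beyond the dash count by also checking that BEGIN and END lines pair up; the function name `check_pem` and the sample text are constructed for illustration.

```python
import re

# Exact boundary form: five hyphens, BEGIN/END, label, five hyphens.
STRICT = re.compile(r"^-----(BEGIN|END) ([A-Z0-9 ]+)-----$")
# Anything that was evidently meant to be a boundary line.
LOOSE = re.compile(r"^-+\s*(BEGIN|END)\b")

def check_pem(text):
    """Return [(line_number, problem)] for the text of a PEM file."""
    problems, open_label, last = [], None, 0
    for last, raw in enumerate(text.splitlines(), 1):
        stripped = raw.strip()
        loose = LOOSE.match(stripped)
        if not loose:
            continue  # base64 body or blank line
        strict = STRICT.match(stripped)
        if strict is None:
            lead = len(stripped) - len(stripped.lstrip("-"))
            trail = len(stripped) - len(stripped.rstrip("-"))
            problems.append((last, f"boundary has {lead} leading and {trail} "
                                   "trailing dashes, need 5 and 5"))
        elif stripped != raw:
            problems.append((last, "whitespace around boundary line"))
        label = strict.group(2) if strict else None
        if loose.group(1) == "BEGIN":
            if open_label is not None:
                problems.append((last, "BEGIN before previous block ended"))
            open_label = label or "?"  # "?" = label unreadable
        else:
            if open_label is None:
                problems.append((last, "END without a matching BEGIN"))
            elif label and open_label != "?" and label != open_label:
                problems.append((last, f"END {label} closes BEGIN {open_label}"))
            open_label = None
    if open_label is not None:
        problems.append((last, "file ends inside an open block"))
    return problems

# Constructed sample: server certificate followed by a bundle entry, with
# the post's fault (four dashes on the right) on the first END line.
BODY = "Q09OU1RSVUNURUQ="  # placeholder body, not a real certificate
SAMPLE = "\n".join([
    "-----BEGIN CERTIFICATE-----", BODY, "-----END CERTIFICATE----",
    "-----BEGIN CERTIFICATE-----", BODY, "-----END CERTIFICATE-----", ""])

if __name__ == "__main__":
    for lineno, problem in check_pem(SAMPLE):
        print(f"line {lineno}: {problem}")
```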

2 comments:

Andy Max said...

Thanks for your post. I was stuck with the same issue for quite some time and would not have spotted the missing hyphens!

Andy.

Anonymous said...

Thank you for this! It helped me as I was stuck with the same issue.

Sam