Wrong SSL Certificate kills apache
short description
When customers try to add their newly generated certificate and they paste and save the wrong stuff in the wrong box, apache fails to match the pub & priv and refuses to start/reload properly. Consequence is that the service and all vhosts defined in apache are being killed and rendered inaccessible.
correct behaviour
Ideally, we'd have a system that validates the content copy-pasted by the customer. If everything is correct, it's added, activated, reloaded. Warning and nothing applied if not.
environment
Server OS: Redhat Server OS version: RedHat 6 (and 7, i presume) ISPConfig version: 3.1.15p2
log entries
Only shown for the specific customer that killed apache:
[Thu Aug 20 10:10:03 2020] [error] Unable to configure RSA server private key [Thu Aug 20 10:10:03 2020] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch