LetsEncrypt SSL Certificate import suddenly fails: the private key is incorrect. please upload again

Post your questions about Web Server usage and Apache + PHP + MySQL/SQLite web applications.
Post Reply
micattack
Starting out
Posts: 14
Joined: Sat Mar 06, 2021 12:25 am

LetsEncrypt SSL Certificate import suddenly fails: the private key is incorrect. please upload again

Post by micattack »

Hi

I have been using Control Panel - Security - SSl cert for 6-9 months now to import the letsencrypt cert that does get generated inside my nginx-proxy-manager (docker container station image)

Now for the first time (Firmware 5.0.0.1891) - and probably the first time I am doing this on 5.* firmware it does reject the private key with the error (translated from German):

the private key is incorrect. please upload again

I verified that these are the correct files, as I am using them directly in an apache-ssl config on another Apache running on that server without any problems. So the files should be correct and something in the check in that UI seems to be off.

Does anybody have any idea how to get the cert in here.

Where and how is that cert actually saved. it doesnt really seem to be /etc/stunnel/stunnel.pem and/or doesnt even use stunnel?

Regards
Mic
--
QLocker survivor; backup enthusiast
TS-351 with 5. + something FW (always up2date)
Celeron J1800/8GB RAM
RAID-5 (2x 256GB Transcent TS256GMTE110S + 3x 6TB Seagate ST6000VN001)
aidan
New here
Posts: 5
Joined: Sun Oct 12, 2014 9:06 am

Re: LetsEncrypt SSL Certificate import suddenly fails: the private key is incorrect. please upload again

Post by aidan »

I have this issue too I think, on QTS 4.3.4, It's worked in the past, but not today.
aidan
New here
Posts: 5
Joined: Sun Oct 12, 2014 9:06 am

Re: LetsEncrypt SSL Certificate import suddenly fails: the private key is incorrect. please upload again

Post by aidan »

For me at least, it looks like the Let's Encrypt certbot is now producing ECDSA private keys, instead of RSA, and the QNAP web interface only accepts RSA private keys (no larger than 2048 bits).

So I'll try making RSA keys next time.

In the mean time, I've also read that although the QNAP web interface only accepts RSA private keys, it's actually possible to manually put your ECDSA key in (via SSH for example), so I'm going to try that...

...yes, it was successful!
yungyang
First post
Posts: 1
Joined: Wed Dec 20, 2017 11:06 pm

Re: LetsEncrypt SSL Certificate import suddenly fails: the private key is incorrect. please upload again

Post by yungyang »

aidan wrote: Thu Dec 22, 2022 2:51 pm For me at least, it looks like the Let's Encrypt certbot is now producing ECDSA private keys, instead of RSA, and the QNAP web interface only accepts RSA private keys (no larger than 2048 bits).

So I'll try making RSA keys next time.

In the mean time, I've also read that although the QNAP web interface only accepts RSA private keys, it's actually possible to manually put your ECDSA key in (via SSH for example), so I'm going to try that...

...yes, it was successful!
It works!!
Thank you @aidan
You help me a lots, hank you!!
Post Reply

Return to “Web Server & Applications (Apache + PHP + MySQL / SQLite)”