Hi All, I have an issue at the moment involving Apache and a certificate issued from a Microsoft Internal CA. We have a new application that has a requirement for SSL and is Apache based. I have successfully generated a key file from Apache, as well as a corresponding CSR which I generated the certificate from. However, when I attempt to use the certificate generated by the internal CA, the Apache service fails to start. Providing the following message:- "Windows could not start the Apache 2.2 on local computer........... contact the vendor and refer to service-specific error code 1" In the system event logs the following is recorded:- "The Apache 2.2 Service terminted with service-specificed error incorrect function" If I revert back to the self generated certificate, the service starts with no issue at all. Has anyone got any idea what the issue could be?     

Hi, thank you for posting here. If I am correct Tomcat is using the Java keystore and Apache has a key file and a certificate file on the file system. So for Apache make sure that the certificate is in the base64 format. E.g. if you open the file with notepad or if you run a cat on linux the first line will start with ----- BEGIN CERTIFICATE -----. If not you need to convert the file: openssl x509 -inform DER -in <cert.der> -outform PEM -out <cert.pem> OR on Windows open the certificate again, click on the Detail tab and Copy to File. Make sure that you select the base64-encoded option. Hope that helps, Lutz

Hi, Thanks for posting in Microsoft TechNet forums. I am trying to involve someone familiar with this topic to further look at this issue. There might be some time delay. Appreciate your patience. Thank you for your understanding and support. Regards Kevin TechNet Subscriber Support If you are TechNet Subscription user and have any feedback on our support quality, please send your feedback here.

Hi Thanks for your response, I am using the Apache Key store and the certificate I generate from our internal CA is always exported as a base64 encoded certificate . The request I generate from the Apache Service is a CSR that begins with "--------BEGIN CERTIFICATE-------------" . I am at a real lose as to why this isnt working as the certificate is valid and and the windows OS on the target server recognises that, but Apache isnt quite as happy. Any other things I could try?

Hi, i'm not quite sure how Apache works with certificate. Here i'd like to provide following informaiton. http://httpd.apache.org/docs/2.2/glossary.html http://httpd.apache.org/docs/2.2/mod/mod_ssl.html if it doesn't help, maybe we should confirm with Apache to check if there is some addtional requirements of certificate for Apache . Best regards, Jason Mei Please remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.