After you upload an HTTPS certificate to the Anti-DDoS Pro console, Anti-DDoS Premium console, or WAF console, the message The certificate and the private key do not match. is returned.
Cause and solution
|The uploaded certificate and private key do not match in content.||Check whether the MD5 values of the certificate file and the private key file are the same. If the MD5 values are different, the certificate file and the private key file are associated with different domain names.
You can run the following commands to view the MD5 values of the certificate file and private key file:
If the uploaded certificate and private key do not match in content, we recommend that you upload the correct certificate file and private key file.
|The Rivest-Shamir-Adleman (RSA) private key is in an invalid format.||Generate a private key and upload the new private key.
You can run the following command to generate a new private key:
Fix the certificate chain
When you purchase an SSL certificate, the certificate service provider offers you a complete certificate chain. The certificate chain includes an intermediate certificate and a domain name certificate. If no intermediate certificates are provided, we recommend that you use a tool to fix the certificate chain.
openssl s_client -connect <server ip>:443 -servername <domain name>
<server ip>: Set the value to the IP address of your server.
<domain name>: Set the value to the domain name of the website.