Tried reissue of private key and reissue of certificate but the key still does not match.
What reasons would the key not match the certificate?
I have made a server choice that is incorrect but on reissue of the certificate there
is no place to change that selection. Could that be the problem?
Does the email address on the CSR have to match the InstantSSL account information?
regards.
John
Hi,
The key mismatch issue relates to only one thing.
Within the Private Key and resulting certificate is a ‘modulus’.
In effect a string which matches the Private Key and certificate as a pair.
If they do not match then SSL cannot be activated.
I would recommend creating a CSR and then backing up the Private Key immediately.
If this is IIS there are instructions to do this on support.comodo.com knowledgebase.
Ask the support team to re-issue the certificate from the CSR that you have now created.
You must use the certificate that is issued from that CSR, not the originally issued certificate.
If, when you come to install the certificate you get the same error, restore the Private Key you backed up earlier, then try again.
The only way these cannot match is if the Private Key is being overwritten on the server, or if the Private Key you are trying to use is the wrong one.
Garry