spurious SSL error: originating from cherokee-admin
This post has NOT been accepted by the mailing list yet.
when adding/changing either cert or key for a vserver, the 'update' proc accepts whatever and it can be 'saved'. however, when the server is (re-)started and tries to use openssl to validate the cert to the key and it finds an error it will report that the error occurred in the vserver PRIOR to the one actually in error.
i.e., you have vservers A, B, C, D, and default (sequentially from top-to-bottom): if you induce an error in server 'C', the checking proc will report that the error was in 'B'.
obviously, not knowing this will cause you to waste a lot of time wondering/checking the csr, crt, and key for the wrong vserver. this is all the more confusing since everything is right in the server you are supposed to correct per the proc.