Apache is not throwing errors anymore and you could start it. That means that the certificate configuration you are currently using is valid. The only problem I see is that curl is throwing errors when accessing your site but that is because of the SSL certificate. I understand you also need to configure the Certificate Authority's certificate file in Apache. Please add this line to your /opt/bitnami/apache2/conf/bitnami/bitnami.conf file
You need to add that line next to the other "SSLCertificate" lines in the file. Remember to restart Apache later. Can you check if curl works properly now?
curl -LI http://localhost
curl -LI https://localhost
cat /opt/bitnami/apache2/conf/bitnami/bitnami.conf | grep SSLCertificate
tail -n 20 /opt/bitnami/apache2/logs/error_log
Digicert doesn't sign the private key, but when you use OpenSSL, it should give you the same hash because if a public key has been generated from a private key, they both should have the same hash. Can you test that again?
openssl x509 -in eagle4000_tedmachine_info.crt -pubkey -noout -outform pem | sha256sum
openssl pkey -in server.key -pubout -outform pem | sha256sum
I understand you used server.key and eagle4000_tedmachine_info.crt. If that's not correct, please change the names of the files when running the commands.
No, that's not correct. If you self-sign a certificate, you will be following a similar process than the CA does. The problem is that nobody (the browsers) knows about you so you get errors related to insecure connections.
As I said before, Digicert doesn't need to match the private key. All this time I've helped you to get the correct private key of your signed certificate. I didn't know how you created the info when you sent it to Digicert so at the end I told you to generate a new private key and send the certificate to Digicert again. That seemed to work.