
Server httpd(OpenBSD), doesn't work server.key

0 votes
1 answer
1215 views
I have tried several methods, but the SSL certificate doesn't work.
BSD# curl -vi https://192.168.1.21:443                            
*   Trying 192.168.1.21:443...
* Connected to 192.168.1.21 (192.168.1.21) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* (304) (OUT), TLS handshake, Client hello (1):
* error:02FFF036:system library:func(4095):Connection reset by peer
* Closing connection 0
curl: (35) error:02FFF036:system library:func(4095):Connection reset by peer
httpd.conf:
server "www.somename.ru" {
    listen on 192.168.1.21      port 80
    listen on 192.168.1.21  tls port 443
    root "/htdocs/somename.ru"
    directory index index.php
    location "*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }

    tls certificate "/etc/ssl/server.crt"
    tls key "/etc/ssl/private/server.key"

}
And I haven't changed the DNS server yet for this domain. Maybe this causes the problem, because the web site is accessible only via IP address and ports. The certificate is from Comodo.
I received four files, and verified them properly using cat, to make a bundle in the right order. External ports for my network are 543 (TLS) and 2050 (HTTP), so 443 is taken for tunnel remote access, 80 for the router; I can't take them. If I run httpd in debug mode:
BSD# httpd -d             
startup
server_tls_init: failed to configure tls - failed to read private key
server_tls_init: failed to configure tls - failed to read private key
server_tls_init: failed to configure tls - failed to read private key
But the key is correct; I checked it with:
openssl rsa -check -noout -in myserver.key | openssl md5
openssl x509 -modulus -noout -in myserver.crt | openssl md5
The key was encrypted:
openssl genrsa -out /etc/ssl/private/server.key 4096
openssl genrsa -aes256 -out /etc/ssl/private/server.key 4096
UPDATE: After some research, I am close to an answer. Something is wrong; the server couldn't decrypt server.key, and I don't know how to set an instruction for that. This doesn't help to solve the problem:
ciphers "TLSv1.2:TLSv1.3:!CAMELLIA:!ARIA:!DSS:!ADH:!PSK:!RSA:!ECDHE-RSA-AES128-SHA256:!DHE-RSA-AES256-SHA256:!DHE-RSA-AES128-SHA256"
Asked by igor (1 rep)
Nov 3, 2020, 02:01 PM
Last activity: Apr 29, 2021, 11:52 PM
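
Added example, not part of the original post: a pre-flight check that classifies a PEM key file as plain or passphrase-protected from its headers and, for a plain key, confirms it carries the same public key as the certificate. The function names and the constructed sample files are assumptions for illustration; the post itself only states that the key was encrypted and that httpd reported "failed to read private key".

```shell
#!/bin/sh
# Added example (not from the post). Function names are hypothetical.

# Classify a PEM file by its armor line and encryption headers.
pem_key_state() {
    if grep -q -- '-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"; then
        echo encrypted-pkcs8            # PKCS#8, passphrase-protected
    elif grep -q -- '-----BEGIN [A-Z ]*PRIVATE KEY-----' "$1"; then
        if grep -q '^Proc-Type: 4,ENCRYPTED' "$1"; then
            echo encrypted-traditional  # legacy PEM with encryption headers
        else
            echo plain
        fi
    else
        echo not-a-key
    fi
}

# True when key and certificate carry the same public key.
# Needs openssl(1); call it only for a key reported as "plain".
key_matches_cert() {
    k=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 2
    c=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 2
    [ -n "$k" ] && [ "$k" = "$c" ]
}

# usage: preflight KEY [CERT]; fails unless the key is usable without a passphrase
preflight() {
    state=$(pem_key_state "$1")
    echo "$1: $state"
    [ "$state" = plain ] || return 1
    [ -z "${2:-}" ] || key_matches_cert "$1" "$2"
}

# Constructed sample files: headers only, the bodies are placeholders.
make_samples() {
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: AES-256-CBC,00000000000000000000000000000000' '' 'AAAA' \
        '-----END RSA PRIVATE KEY-----' > "$1/trad.key"
    printf '%s\n' '-----BEGIN ENCRYPTED PRIVATE KEY-----' 'AAAA' \
        '-----END ENCRYPTED PRIVATE KEY-----' > "$1/pkcs8.key"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'AAAA' \
        '-----END RSA PRIVATE KEY-----' > "$1/plain.key"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'AAAA' \
        '-----END CERTIFICATE-----' > "$1/cert.crt"
}

if [ $# -gt 0 ]; then preflight "$@"; fi
```

Run it as `sh preflight.sh /etc/ssl/private/server.key /etc/ssl/server.crt`; the script name is hypothetical and the paths are the ones from the httpd.conf above.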