PDA

View Full Version : [SOLVED] no access to control panel (port 81)

atrias
20th June 2008, 23:46
Hello

I'm having problems accessing https://my.domain:81 as well as https://<ip>:81

firefox 3 gives error:
Though the site seems valid, the browser was unable to establish a connection.

I am running CentOS 5.1 (but i also plan to install on centos 5.2 in 3 days that it will be out :) )
i followed this HOWTO (http://www.howtoforge.com/centos-5.1-server-lamp-email-dns-ftp-ispconfig) to setup the system and then the installation procedure described in ISPconfig webpage

I followed the faq in this (http://www.howtoforge.com/faq/14_39_en.html) page but no solution

with netstat -tapn among others i get

tcp 0 0 0.0.0.0:81 0.0.0.0:* LISTEN 4900/ispconfig_http
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN 5066/proftpd: (acce


proftpd works ok from another PC in the LAN (at least it gives me a user/pass prompt)

firewall is off

/etc/init.d/iptables status
Firewall is stopped.


by the way (maybe it is relevant) the logs in:
/etc/httpd/logs
are the httpd logs of the web pages and not the control panel (port 81) correct?

so the logs in:
/root/ispconfig/httpd/logs
should be the logs of the control panel (port 81)

I'm asking because in the second path access_log and ssl_request_log are zero size and have not been touched since the day of ispconfig install

-rw-r--r-- 1 root root 0 Jun 19 23:26 access_log
-rw-r--r-- 1 root root 1296 Jun 20 17:30 error_log
-rw-r--r-- 1 root root 5 Jun 20 17:30 httpd.pid
-rw-r--r-- 1 root root 7738 Jun 20 17:30 ssl_engine_log
-rw-r--r-- 1 root root 0 Jun 19 23:26 ssl_request_log


any hints would be greatly appreciated!
i haven't even seen yet how the control panel looks like! :o
falko
21st June 2008, 11:36
I guess the SSL certificate is corrupt. You can recreate it as shown here: http://www.howtoforge.com/forums/showthread.php?t=121
atrias
21st June 2008, 11:53
thank you for your quick reply

i have already done this (forgot to mention it)

openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key

any other suggestions please?
matzhu
22nd June 2008, 04:23
I was about to post saying that I had the same problem when I discovered that I could access my server through port 81 from a remote connection. I disabled my firewall (Comodo) and voila: connection. I then added port 81 to Comodo's port sets and all is well.

I went ahead and posted this mainly because it seems that something changed with Comodo since yesterday as I was able to access through 81 at that time. I assume it's an update as I have not touched any settings in Comodo since the problem started.
falko
22nd June 2008, 14:39
thank you for your quick reply

i have already done this (forgot to mention it)

openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key

any other suggestions please?

Did you accept the default values, or did you type in your own values? If you type in a wrong value, the certificate will not work.
atrias
23rd June 2008, 00:15
I was about to post saying that I had the same problem when I discovered that I could access my server through port 81 from a remote connection. I disabled my firewall (Comodo) and voila: connection. I then added port 81 to Comodo's port sets and all is well.

I went ahead and posted this mainly because it seems that something changed with Comodo since yesterday as I was able to access through 81 at that time. I assume it's an update as I have not touched any settings in Comodo since the problem started.

sh111t!!
i am also using this f$%^$%^ing firewall!!
(sorry for my language!!!)
added port 81 to http port set and all is ok now!
thnk you mate! :D:D

also thnk you falko for your time and help! :)
i think that if it was something related to the certificate i would get an error indicating this but the browser would allow me to continue to the site
that is what happens to every site i have visited with an ssl certificate error (expired, self signed, wrong domain, etc)
atrias
23rd June 2008, 00:21
please somebody change the subject of the thread to resolved also stating that COMODO firewall has an issue with port 81!!
thnks!