HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   General (http://www.howtoforge.com/forums/forumdisplay.php?f=15)
-   -   SSL cerificate is not working on ISP Config (http://www.howtoforge.com/forums/showthread.php?t=39447)

fulacom 21st September 2009 15:26

SSL cerificate is not working on ISP Config
 
Hi all,

I am trying to install certificate to one of the domains under ISP Config. I followed the instructions from http://www.ispconfig.org/downloads/m...nde_en_src.htm. However, when I go the the site to view the certificate, I get this error

The CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certification Authorities store.
Issued to: www.mydomain.com
Issued by: www.mydomain.com


Can anyone help?

Thanks!

till 22nd September 2009 12:02

The certificate is working fine. Its just a self signed certificate which shows this warning message in the browser. If you need a signed certificate, you have to buy one e.g. from godaddy or instantssl.

fulacom 22nd September 2009 12:48

Thanks for your response.

I have purchased a signed cert from RapidSSL. I followed the instructions from the ISPConfig help. We pasted the cert text into the SSL Certificate text box, selected save certificate from the drop down box and then clicked save. When we navigate to the website, it still shows the self-signed cert. We have restarted the apache and the server to see if this would work, but to no avail.

Any help will be much appreciated...

Thanks

till 23rd September 2009 12:34

It might be nescessary that you install a ssl chain file for the certificates from this authority to work properly. Did they send you a ssl cahin file too together with the certificate file?

fulacom 23rd September 2009 17:20

Yes, they sent us root certificate and SSL certificate. How do we install root certificate?

Thanks a lot.

till 23rd September 2009 17:46

Copy the root certificate file to the ssl folder of the website. Then add the following line to the apache directives field:

SSLCACertificateFile /home/www/www.yourdomain.tld/ssl/ca.txt

and change the path so that it points to the root certificate.

fulacom 23rd September 2009 18:31

Hello,

I created the ca.txt file and pasted in the CA Cert text. Then edited the path for the apache directives. We cannot access any websites now. I checked and the httpd failed to start, I tried to start it manually to no avail. I'm restoring a backup of the server.

Do you have any suggestions?

till 23rd September 2009 18:34

No need to restore a backup. Just edit the vhost_ispconfig.conf file nad comment out the line and restart apache.

The look at the apache logs and ssl error log why apache afiled to start. I guess that either the path to the cert was wrong or the cert was corrupted or incompatible so that apache was not able to read the content


All times are GMT +2. The time now is 08:39.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.