HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   SSL Certificate will not work (http://www.howtoforge.com/forums/showthread.php?t=41525)

owainbaber 3rd December 2009 01:08

SSL Certificate will not work
 
I installed CentOS and ISPConfig 3 as the 'The Perfect Server - CentOS 5.3 x86_64 [ISPConfig 3]' instructions say. One of the domains hosted is an ecommerce and although we don't take credit card details I would still like it secure for user confidence. So I went to comodo and requested an IntantSSL certificate. I generated my CSR through ISPConfig and pasted it at comodo and got an Apache mod SSL certificate bundle. I pasted the certificate I got from comodo into ISPConfig and saved it. I then added the line '
SSLCertificateChainFile /var/www/clients/client1/web/ssl/www_savacomp_com.ca-bundle' to the Apache directives box within ISPConfig. I then restarted - /etc/init.d/httpd restart
Now when I go to my website using hhtps rather than http I still have a certificate error with the certificate issued to localhost.localdomain. Does anybody know why that would happen as its driving me nuts!

till 3rd December 2009 14:45

Please post the exact error messages from the apache error log of the website and the sl error log. Also the chain file has not be inserted like you did it, there is a field for the chain file in ispconfig named SSL Bundle where you have to add the contents of the bundle certificate.

owainbaber 3rd December 2009 18:05

This is my ssl_error_log

[Thu Dec 03 14:53:02 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 14:53:02 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 15:08:05 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 15:08:05 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 16:33:03 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 16:33:03 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 16:33:27 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 16:33:27 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 16:33:28 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 16:33:28 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 16:33:52 2009] [error] [client 192.168.1.1] Directory index forbidden by Options directive: /var/www/html/

owainbaber 3rd December 2009 19:27

Error_log from /var/log/httpd

[Thu Dec 03 14:52:53 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 14:52:53 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Dec 03 14:53:01 2009] [notice] SIGHUP received. Attempting to restart
[Thu Dec 03 14:53:02 2009] [notice] Digest: generating secret for digest authentication ...
[Thu Dec 03 14:53:02 2009] [notice] Digest: done
PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
[Thu Dec 03 14:53:02 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 14:53:02 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Dec 03 15:08:04 2009] [notice] SIGHUP received. Attempting to restart
[Thu Dec 03 15:08:04 2009] [notice] Digest: generating secret for digest authentication ...
[Thu Dec 03 15:08:04 2009] [notice] Digest: done
PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
[Thu Dec 03 15:08:05 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 15:08:05 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Dec 03 16:33:03 2009] [notice] SIGHUP received. Attempting to restart
[Thu Dec 03 16:33:03 2009] [notice] Digest: generating secret for digest authentication ...
[Thu Dec 03 16:33:03 2009] [notice] Digest: done
PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
[Thu Dec 03 16:33:03 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 16:33:03 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Dec 03 16:33:27 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Dec 03 16:33:28 2009] [notice] Digest: generating secret for digest authentication ...
[Thu Dec 03 16:33:28 2009] [notice] Digest: done
PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
[Thu Dec 03 16:33:28 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 16:33:28 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations

owainbaber 3rd December 2009 19:37

Site error.log


[Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] SecurityException in Application.cpp:496: Handler not found in configuration
[Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] Caused by KeyNotFoundException in Configuration.cpp:234: Handler "x-httpd-php" not found
[Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] Premature end of script headers: index.php
[Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] File does not exist: /var/www/error/500.html

This error was generated when trying to access site with https:

owainbaber 3rd December 2009 19:44

I am going to regenerate another certificate and this time paste the contents of the bundle file into ispconfig.

owainbaber 3rd December 2009 20:03

no joy with new certificate, still says localhost.localdomain

owainbaber 4th December 2009 12:39

I have also noticed that every now and again it opens the default apache page!

jlaughy 31st December 2009 17:37

yesterday I ordered a Comodo certificate.

I use ISPConfig 2.2.35
I took SSL Request: ----XXXXXX
Hav send it to the Certificate auth.

This morning I received the certificate
After installing my server would not start again :(

What did I do wrong

WKR, JL

falko 1st January 2010 12:14

Any errors in Apache's error log?


All times are GMT +2. The time now is 14:30.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.