HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Comodo SSL- Not loading web pages from https (http://www.howtoforge.com/forums/showthread.php?t=49600)

jtheed 22nd October 2010 18:43

Comodo SSL- Not loading web pages from https
 
I am trying to install a Comodo SSL on my ISPConfig 3 site. I have the latest version of IPSConfig 3.0.3 on Debian 5.
I did as per the instructions. Created the CSR and pasted it into Comodo's site. They in turn sent me 2 files, the .crt and a .ca-bundle.
I copied and pasted the CRT into the SSL Certificate Window and the ca-bundle into the SSL Bundle window, on SSL Action I chose Save Certificate and then clicked on the Save button. I waited until I saw the Job Queue was clear and when I type in my url https:.www.domainname.com, then site always times out with nothing loading.
I also tried copying the files directly into the SSL forder for this web site and I get the same result. There are no erros in the web site's log files and none in the apache2 log file. Port 443 is forwared to the Server's local IP. It is the ONLY one with an SSL among the 6 sites on the server. I have looked at all of the vhost files and only the one site I want to have an SSL has any mention of an SSL.
When creating the SSL Request, I spelled out the state completely FLORIDA, the locality is a 2 word city DEERFIELD BEACH, organisation is TIDES MARINE, INC. organisation unit is SALES , country is US and the domain is www.domainname.com I sent everything in uppercase except the domain name (didn't know if that matters).
The IP address is set to the local ip address of the server, not the *

The self assigned SSL works for ISPCONFIG on 8080 and in the past I have had a self assigned SSL for another site, but that has been removed and the SSL flag unchecked for that site quite a while ago.

What do I try now?

jtheed 22nd October 2010 21:51

Chalk this up to inexperience with SSL's.
Had a Server Crash and the IP has changed. I didn't update the IP at Comodo's site before I applied for a new SSL. :eek:

jtheed 28th October 2010 05:43

I am out of ideas. Doesn't matter if I use the Comodo Cert or the Self Assigned Cert, the https://www.mydomain.com will not load any files. The ISPConfig will load using https://www.tidesmarine.com:8080 nd well as phpmyadmin.
No errors are in the apache2 error log.

Where do I look now?

jtheed 28th October 2010 17:34

I deleted all of the SSL certs and removed the check mark on SSL for the domain, deleted the SSL Cert entries in ISPConfig, clicked save and let it all update.

I then tried to install a self signed SSL as per the manual and still get nothing when I try to access the site via https. I have triple checked that port 443 is forwarded to the local IP address and this is the ONLY domain with an SSL Cert. I have the ip address shown in ISPConfig, not an * and www as the Auto Subdomain. The SSL Domain in the SSL Tab is set to www.domainname.com

Everything appears to be right and there are files in the .../web7/ssl folder that are not 0 bytes: listed as, (domainname is replaced for the actual domain name):
'www.domainname.com.crt'
'www.domainname.com.csr'
'www.domainname.com.key'
'www.domainname.com.key.org'

('s were added so it won't change to url's)

but this is in the cron log
Generating RSA private key, 2048 bit long modulus
.........+++
.+++
e is 65537 (0x10001)
writing RSA key
chmod: cannot access '/var/www/clients/client1/web7/*'

Is that normal?

falko 29th October 2010 13:56

Can you post the output of
Code:

ls -la /var/www/clients/client1/web7/
?

Are there any errors in the Apache SSL error log?

jtheed 29th October 2010 16:34

Quote:

Originally Posted by falko (Post 243201)
Can you post the output of
Code:

ls -la /var/www/clients/client1/web7/
?

Are there any errors in the Apache SSL error log?

Only log file I see is /var/log/apache2/error.log and there are no errors about the SSL there:

Code:

drwxr-xr-x  7 root root    4096 2010-10-29 10:16 .
drwxr-xr-x 10 root root    4096 2010-10-22 12:52 ..
lrwxrwxrwx  1 root root      16 2010-10-24 00:31 backup -> /var/backup/web7
-rwxr-xr-x  1 web7 client1  1135 2010-10-29 06:08 .bash_history
drwxr-xr-x  2 web7 client1  4096 2010-10-21 08:17 cgi-bin
-rwxr-xr-x  1 root root      40 2010-10-28 13:02 .htpasswd_stats
lrwxrwxrwx  1 web7 client1    40 2010-10-21 08:17 log -> /var/log/ispconfig/httpd/tidesmarine.com
drwxrwxrwx  2 root root    4096 2010-10-21 14:12 PW
drwxrwxrwx  3 web7 client1  4096 2010-10-28 11:13 ssl
drwxrwxrwx  2 web7 client1  4096 2010-10-29 10:19 tmp
drwxrwxrwx 42 web7 client1 20480 2010-10-28 14:29 web



I did a reinstall of ISPConfig and now I get this:
[warn] VirtualHost 78.153.221.50:80 overlaps with VirtualHost 78.153.221.50:80, the first has precedence, perhaps you need a NameVirtualHost directive

I had to make all other sites inactive so this one would show up on the internet. How do I fix this?

till 29th October 2010 18:58

Go to system > server IP, click on a ip, disable the namevirtualhost checkbox and click on save. The click on the same ip, enable the checkbox again and click on save.

jtheed 1st November 2010 16:27

Still no joy on the SSL working. Site just times out in the browser when using https. I have deleted the SSL for this domain and tried installing one on another domain that is on the same box and get no joy there either. Any ideas or thoughts about where to look would be great as I can't put up our Online Store until I get the SSL working.

jtheed 9th November 2010 18:18

Final Update
 
I am going to have to say that this was caused by a bad update from 3.0.2.2 to 3.0.3. When I did a fresh install on another machine, I got a quite a few more icons etc in the new install than I could see in the update and the SSL cert works fine.

falko 10th November 2010 08:52

Quote:

Originally Posted by jtheed (Post 244029)
I got a quite a few more icons etc in the new install

Did you clear your browser cache?


All times are GMT +2. The time now is 01:26.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.