HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   SSL Problem (http://www.howtoforge.com/forums/showthread.php?t=50603)

vlados 20th December 2010 23:01

SSL Problem
 
Hi,
I tried to use the SSL feature in the control panel for one site, but when I import the cert and give action Save certficate ... nothing happens.
https://domain.com not reposnd and in the vhost there is not *:443.
What to do?

till 20th December 2010 23:15

First you have to create a new certificate in ispconfig. Then take the csr thats was created by ispconfig and let it sign by a ssl authority. Then copy the cert that you got back in the ssl cert field and select save as action.

By the way, thats all described in detail in the manual and several posts here in the forum :-)

vlados 20th December 2010 23:21

yes, I did all this :)

till 21st December 2010 11:57

And the ssl site workked after you created the cert and stopped working as you imported the signed cert?

vlados 24th December 2010 00:43

Quote:

Originally Posted by till (Post 247194)
And the ssl site workked after you created the cert and stopped working as you imported the signed cert?

No, the apache vhosts file didnt have :443 directive at all. When I make changes in the ispconfig panel to the ssl section it didn't update the file....

vlados 30th January 2011 00:07

So I found that when apache tries to restart it returns an error, but I can't find what is

30.01.2011-01:02 - WARNING - Apache did not restart after the configuration change for website tipswins.com Reverting the configuration. Saved non-working config as /etc/apache2/sites-available/tipswins.com.vhost.err

Code:

<VirtualHost *:80>
      DocumentRoot /var/www/tipswins.com/web
 
    ServerName tipswins.com
    ServerAlias *.tipswins.com
    ServerAdmin support@netlabs.bg

    ErrorLog /var/log/ispconfig/httpd/tipswins.com/error.log


    ErrorDocument 400 /error/400.html
    ErrorDocument 401 /error/401.html
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 405 /error/405.html
    ErrorDocument 500 /error/500.html
    ErrorDocument 503 /error/503.html
       
    <Directory /var/www/tipswins.com/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/client2/web47/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>


    # Clear PHP settings of this website
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler None
    </FilesMatch>
    # php as fast-cgi enabled
    <IfModule mod_fcgid.c>
     
          # SocketPath /tmp/fcgid_sock/
         
          # IdleTimeout n (3600 seconds)
          # An idle fastcgi application will be terminated after IdleTimeout seconds.
      IdleTimeout 3600
         
          # ProcessLifeTime n (7200 seconds)
      # A fastcgi application will be terminated if lifetime expired, even no error is detected.
      ProcessLifeTime 7200
         
          # MaxProcessCount n (1000)
      # The max count of total fastcgi process count.
      # MaxProcessCount 1000
     
          # DefaultMinClassProcessCount n (3)
      # The minimum number of fastcgi application instances for any one fastcgi application.
      # Idle fastcgi will not be killed if their count is less than n
      # Set this to 0, and tweak IdleTimeout
          DefaultMinClassProcessCount 0
         
          # DefaultMaxClassProcessCount n (100)
      # The maximum number of fastcgi application instances allowed to run for
      # particular one fastcgi application.
      DefaultMaxClassProcessCount 100
         
          # IPCConnectTimeout n (3 seconds)
      # The connect timeout to a fastcgi application.
      IPCConnectTimeout 8
         
          # IPCCommTimeout n (20 seconds)
      # The communication timeout to a fastcgi application. Please increase this
      # value if your CGI have a slow initialization or slow respond.
      IPCCommTimeout 360
     
          # BusyTimeout n (300 seconds)
      # A fastcgi application will be terminated if handing a single request
      # longer than busy timeout.
          BusyTimeout 300
         
    </IfModule>
    <Directory /var/www/tipswins.com/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web47/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
        <Directory /var/www/clients/client2/web47/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web47/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
      AssignUserId web47 client2
    </IfModule>

    <IfModule mod_dav_fs.c>
      # DO NOT REMOVE THE COMMENTS!
      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
      # WEBDAV END
    </IfModule>


</VirtualHost>



<IfModule mod_ssl.c>
###########################################################
# SSL Vhost
###########################################################

<VirtualHost *:443>
      DocumentRoot /var/www/tipswins.com/web
 
    ServerName tipswins.com
    ServerAlias *.tipswins.com
    ServerAdmin webmaster@tipswins.com
   
    ErrorLog /var/log/ispconfig/httpd/tipswins.com/error.log

    ErrorDocument 400 /error/400.html
    ErrorDocument 401 /error/401.html
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 405 /error/405.html
    ErrorDocument 500 /error/500.html
    ErrorDocument 503 /error/503.html

    SSLEngine on
    SSLCertificateFile /var/www/clients/client2/web47/ssl/tipswins.com.crt
    SSLCertificateKeyFile /var/www/clients/client2/web47/ssl/tipswins.com.key
    SSLCACertificateFile /var/www/clients/client2/web47/ssl/tipswins.com.bundle
   
        <Directory /var/www/tipswins.com/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/client2/web47/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

# Clear PHP settings of this website
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler None
    </FilesMatch>
    # php as fast-cgi enabled
    <IfModule mod_fcgid.c>
      # SocketPath /tmp/fcgid_sock/
          # IdleTimeout n (3600 seconds)
          # An idle fastcgi application will be terminated after IdleTimeout seconds.
      IdleTimeout 3600
         
          # ProcessLifeTime n (7200 seconds)
      # A fastcgi application will be terminated if lifetime expired, even no error is detected.
      ProcessLifeTime 7200
         
          # MaxProcessCount n (1000)
      # The max count of total fastcgi process count.
      # MaxProcessCount 1000
     
          # DefaultMinClassProcessCount n (3)
      # The minimum number of fastcgi application instances for any one fastcgi application.
      # Idle fastcgi will not be killed if their count is less than n
      # Set this to 0, and tweak IdleTimeout
          DefaultMinClassProcessCount 0
         
          # DefaultMaxClassProcessCount n (100)
      # The maximum number of fastcgi application instances allowed to run for
      # particular one fastcgi application.
      DefaultMaxClassProcessCount 100
         
          # IPCConnectTimeout n (3 seconds)
      # The connect timeout to a fastcgi application.
      IPCConnectTimeout 8
         
          # IPCCommTimeout n (20 seconds)
      # The communication timeout to a fastcgi application. Please increase this
      # value if your CGI have a slow initialization or slow respond.
      IPCCommTimeout 360
     
          # BusyTimeout n (300 seconds)
      # A fastcgi application will be terminated if handing a single request
      # longer than busy timeout.
          BusyTimeout 300
         
    </IfModule>
    <Directory /var/www/tipswins.com/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web47/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
        <Directory /var/www/clients/client2/web47/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web47/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
      AssignUserId web47 client2
    </IfModule>

    <IfModule mod_dav_fs.c>
      # DO NOT REMOVE THE COMMENTS!
      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
      # WEBDAV END
    </IfModule>


</VirtualHost>
</IfModule>


falko 30th January 2011 16:16

Can you rename /etc/apache2/sites-available/tipswins.com.vhost to /etc/apache2/sites-available/tipswins.com.vhost.bak and rename /etc/apache2/sites-available/tipswins.com.vhost.err to /etc/apache2/sites-available/tipswins.com.vhost and then run
Code:

apache2 -t
? Does it report any syntax errors?

vlados 30th January 2011 16:45

root@server1:/etc/apache2# killall apache2
root@server1:/etc/apache2# apache2 -t
apache2: bad user name ${APACHE_RUN_USER}

Is this the right parameter? It this is for configtest:
root@server1:/etc/apache2# apache2ctl configtest
Syntax OK
root@server1:/etc/apache2# /etc/init.d/apache2 start
* Starting web server apache2 [fail]
root@server1:/etc/apache2#

falko 31st January 2011 13:06

Quote:

Originally Posted by vlados (Post 249975)
Is this the right parameter? It this is for configtest:
root@server1:/etc/apache2# apache2ctl configtest
Syntax OK

Ok, the syntax seems to be ok.

Are there any errors in Apache's error log? What's the output of
Code:

netstat -tap
?


All times are GMT +2. The time now is 18:48.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.