HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=16)
-   -   SSL Certificate Error ssl_error_rx_record_too_long ISPconfig 2 Debian (http://www.howtoforge.com/forums/showthread.php?t=56480)

n0fx 9th March 2012 03:42

SSL Certificate Error ssl_error_rx_record_too_long ISPconfig 2 Debian
 
ISPConfig: v2.2.32
Debian: 5

I currently have ISPConfig v2.2.32 installed and it's been working for 2 years. I only have one website setup that I'm using with ISPConfig and it's running debian as the base OS.

I set it up a while ago and I don't remember setting up https:// to the site. Is there any way I can check to see if https:// has been setup for the site? I tried to locate any *.crts on the disk and I did see some but it seems to be the default ones installed with ISPConfig. The server is definitely listening to port 443, when I ran netstat.

When I load the browser and point to it with the DNS or IP of the server, I get this error:

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)

This is my search for *.crt with locate command:

debianbox:/etc/apache2# locate *.crt |more -l
/etc/postfix/ssl/smtpd.crt
/etc/ssl/certs/ca-certificates.crt
/home/admispconfig/ispconfig/web/phpmyadmin/libraries/auth/swekey/musbe-ca.crt
/root/ispconfig/httpd/conf/ssl.crt
/root/ispconfig/httpd/conf/ssl.crt/ca-bundle.crt
/root/ispconfig/httpd/conf/ssl.crt/ca.crt
/root/ispconfig/httpd/conf/ssl.crt/server.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-ca-dsa.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-ca-rsa.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-dsa.crt
/root/ispconfig/httpd/conf/ssl.crt/snakeoil-rsa.crt
/usr/share/ca-certificates/brasil.gov.br/brasil.gov.br.crt
/usr/share/ca-certificates/cacert.org/cacert.org.crt
/usr/share/ca-certificates/cacert.org/class3.crt
/usr/share/ca-certificates/cacert.org/root.crt
/usr/share/ca-certificates/debconf.org/ca.crt
/usr/share/ca-certificates/gouv.fr/cert_igca_dsa.crt
/usr/share/ca-certificates/gouv.fr/cert_igca_rsa.crt
/usr/share/ca-certificates/mozilla/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt
/usr/share/ca-certificates/mozilla/AOL_Time_Warner_Root_Certification_Authority_
1.crt
/usr/share/ca-certificates/mozilla/AOL_Time_Warner_Root_Certification_Authority_
2.crt

I really don't remember if SSL was setup. I might want to setup SSL for the server but I'm not sure how to. I'm just going to buy the SSL cert from Godaddy with these instructions: http://www.howtoforge.com/forums/sho...ht=godaddy+ssl.

Any input would be appreciated, thanks.

falko 9th March 2012 15:10

You can check your Vhosts_ispconfig.conf file to see if SSL is enabled for your website.

n0fx 9th March 2012 18:31

Quote:

Originally Posted by falko (Post 275216)
You can check your Vhosts_ispconfig.conf file to see if SSL is enabled for your website.

So, if I check the Vhosts_ispconfig.conf file and I don't see anything to 443, then that means it wasn't configured with SSL right? I looked and all I see is references to port 80, which is the standard port for the web.

Thanks!

falko 10th March 2012 14:34

Quote:

Originally Posted by n0fx (Post 275226)
So, if I check the Vhosts_ispconfig.conf file and I don't see anything to 443, then that means it wasn't configured with SSL right?

Yes, that's right.

To create an SSL vhost, you must check the SSL checkbox in ISPConfig and then create an SSL certificate on the SSL tab.

n0fx 10th March 2012 20:03

Purchasing a SSL from a big registrar than self generating the cert
 
Quote:

Originally Posted by falko (Post 275264)
Yes, that's right.

To create an SSL vhost, you must check the SSL checkbox in ISPConfig and then create an SSL certificate on the SSL tab.

Well, that's strange. The SSL checkbox was already configured (checkbox enabled) when I checked it the other day, it's just that there is no certificate inside that I can locate in the shell.

So, if I wanted to enable it on my site (I only have one site), I would go to the SSL tab and a self generated one? When I go that route, that means that the certificate wouldn't be valid then. I want to buy a SSL certificate, say for instance, from Godaddy and put it in, how would I go about doing that?

falko 11th March 2012 20:28

http://www.howtoforge.com/faq/14_49_en.html

n0fx 12th March 2012 18:13

Quote:

Originally Posted by falko (Post 275289)

Thanks, I'll keep that for my records.


All times are GMT +2. The time now is 15:19.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.