HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Configuring SSL (http://www.howtoforge.com/forums/showthread.php?t=59312)

pebkac 30th October 2012 05:13

Configuring SSL
 
Hey all,

I've decided to use SSL on one of my servers. It was already running and hosting the site on Perfect Ubuntu 12.04 ISPConfig server. I followed this tutorial http://www.howtoforge.com/securing-y...-from-startssl
to get SSL. As far as that tutorial goes it does not make clear any other setting that need to be done from within ISPConfig. I did check the SSL box on the site and added an IP to the server and made sure it is being used. When I try and go to the site with SSL I get this in the apache error.log
Code:

[Tue Oct 30 04:01:08 2012] [error] [client 96.229.205.165] client denied by server configuration: /etc/apache2/htdocs
I followed the tutorial to a tee and did not do anything on the SSL tab within ISPConfig.

Code:

root@dor:/etc/apache2# grep -Ri SSLCertificateFile *
sites-available/ispconfig.vhost~:  SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
sites-available/default-ssl:        #  SSLCertificateFile directive is needed.
sites-available/default-ssl:        SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
sites-available/default-ssl:        #  the referenced file can be the same as SSLCertificateFile
sites-available/ispconfig.vhost:  SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
sites-enabled/000-ispconfig.vhost:  SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
root@dor:/etc/apache2#

when I restart apache
Code:

root@dor:/etc/apache2# /etc/init.d/apache2 restart
 * Restarting web server apache2                                                                  [Tue Oct 30 04:11:58 2012] [warn] NameVirtualHost 184.169.151.252:443 has no VirtualHosts
[Tue Oct 30 04:11:58 2012] [warn] NameVirtualHost 10.166.185.147:80 has no VirtualHosts
[Tue Oct 30 04:11:58 2012] [warn] NameVirtualHost 10.166.185.147:443 has no VirtualHosts
 ... waiting [Tue Oct 30 04:11:59 2012] [warn] NameVirtualHost 184.169.151.252:443 has no VirtualHosts
[Tue Oct 30 04:11:59 2012] [warn] NameVirtualHost 10.166.185.147:80 has no VirtualHosts
[Tue Oct 30 04:11:59 2012] [warn] NameVirtualHost 10.166.185.147:443 has no VirtualHosts
                                                                                            [ OK ]
root@dor:/etc/apache2#


till 30th October 2012 08:25

The tutorial you used ti about securing the ispconfig interface with a ssl certificate from startssl plus using this ssl cert for the mailserver. It is not about using ssl in a website that you created in ispconfig.

To use ssl in a ispconfig website, enure that you selcetd a IP ddress and not * in the site settings, enable the ssl checkbox and then create a new ssl certificate on the ssl tab. The steps are also described in detail in the manual.

pebkac 30th October 2012 08:34

Oh, sorry about that. I see that now...well it works as it should. So when I create SSL for sites its all down on the SSL tab? And I can use StartSSL certs to do so?

--Steve

till 30th October 2012 09:43

Quote:

o when I create SSL for sites its all down on the SSL tab?
Nothing should be down when you create a ssl cert. If the server is down, then something wrong was entered in the ssl fields so that apache was not able to start again. Delete the vhsot file of the affected site in /etc/apache2/sites-enabled/ and start apache again, then login to ispconfig, disable ssl for the site and create a new ssl cert, then enable ssl again.

Quote:

And I can use StartSSL certs to do so?
You can use any ssl certificate authority.


All times are GMT +2. The time now is 06:16.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.