HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   SSL certificate (http://www.howtoforge.com/forums/showthread.php?t=60026)

chief 21st December 2012 17:13

SSL certificate
 
Hi all and a merry xmas

I have a ispconfig server called subname.tlsystems.co.uk
I also have my company website on it called tlsystems.co.uk as client 1, now my problem is with a comodo instantssl certificate.

I have been having this issue since i installed ispconfig 3, 1 yr ago, but never got around to fix it properly.

I have deleted all files (backed up before) in /var/www/tlsystems/ssl/
I then logged in to the control panel (ISPCONFIG) went to website - tlsystems.co.uk - SSL tab. My original info was in the boxes - state, locality etc down to ssl domain. so i just clicked create certificate. a little time after i have 4 files.
a *.crt, *.csr, *.key and *.key.org
I logged on to instantssl and revoked my original cert and requested a new cert using the SSL request file which i emailed them. got it from /var/www/tlsystems.co.uk/ssl/
I was then emailed back a zip fie containing 2 files a website_co_uk.ca-bundle and website_co_uk.crt.
I backed up the old crt and filezilled them to ssl folder on server
I purchased the manual for ispconfig 3 and also read on the forums about changing the IPv4 address from * to the actual IP. I cannot, only have * in Pull down..

when i go to https://www.tlsystems.co.uk in internet explorer the certificate shows as localhost.localdomain, but viewed in firefox it is not supplying identity information.

so please can anyone help with correctly putting 1 ssl certificate right

cheers in advance

dave

till 21st December 2012 17:30

Quote:

I was then emailed back a zip fie containing 2 files a website_co_uk.ca-bundle and website_co_uk.crt.
I backed up the old crt and filezilled them to ssl folder on server
Please follow the procedure as described in the manual chapter 5.4. The manual instructs you to enter the ssl cert that you got back from ssl authority into the ssl cert field in ispconfig, then select save as action and click on the save button.

Quote:

I purchased the manual for ispconfig 3 and also read on the forums about changing the IPv4 address from * to the actual IP. I cannot, only have * in Pull down..
Then you might have missed to add your IP address under System > Server IP.

chief 21st December 2012 17:36

Cheers for reply Till,

Just saw and added IP address in system - Server IP addresses - add new IP
done

Pasted SSL certificate and SSL bundle.

Just going to check now

dave

chief 21st December 2012 17:39

Till,

Why does it say "This website does not supply ownership information"


dave

till 21st December 2012 18:13

What kind of ssl cert id you buy? There are different kind of ssl certs available, the cheaper ones verify onle the domain and not the ownership of the domain. The ceaper ones are displayed e.g. In blue in the browser bar while the expensive ones with ownership validation have a green bar.

falko 21st December 2012 20:40

Quote:

Originally Posted by chief (Post 289951)
Till,

Why does it say "This website does not supply ownership information"


dave

Because the certificate is domain-validated, not organization-validated.

chief 22nd December 2012 12:58

till,

I broke it....

I set an ip using system, this morning i could not access another domain i have under my client name, it pointed back to my main tlsystems.co.uk.
I then went in to control panel and deleted IP where i set it yesterday, now i cannot access any site or adminpanel or phpmyadmin.. :(

what is the best steps to fis / restore or cry


dave

chief 22nd December 2012 14:52

I can ssh in.
I have read log and found out httpd could not start

I have deleted old dbispconfig and then imported last nights export, grant ispconfig user all access to database.

is it possible or better to reinstall ispconfig, or chase errors

dave

chief 22nd December 2012 15:05

got it,

httpd logs had an error in the SSL certificate and line 124 of my main tlsystems.vhosts file, turn it off and hash out certificate line httpd then restarted and i can access ispconfig.

thank god for backups and


apachectl configtest

tail -f /var/log/httpd/error_log

merry xmas all

dave

chief 24th December 2012 15:19

Another question about SSL certificate and setting an IP address under system.

When i did set an IP, all other domains in the server was then pointing back to tlsystems.co.uk.
e.g. i have a domain called myhairyarse.com which i only use for email, so when i did set ip and updated * to the ip for tlsystems.co.uk. I could no longer logon to my myhairyarse.com/webmail as it pointed to my tlsystems.co.uk website..

Do i need to update all sites to use the ip of server instead of *

dave


All times are GMT +2. The time now is 00:20.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.