HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   ISPConfig 3 & nginx ssl issues (http://www.howtoforge.com/forums/showthread.php?t=60427)

ichpen 4th February 2013 03:56

ISPConfig 3 & nginx ssl issues
 
Hi there,

Fairly long term ispconfig 3 user. Had great success on ubuntu/LAMP stack.

Recently I relocated servers and started afresh. Decided to go with nginx. Follow your guide (ubuntu 12.04, nginx, ispconfig 3). It mostly seems to work except having real issues with the ssl directives. Seems the interface doesn't want to put in the relevant SSL directives in vhost IP:443 etc etc. None of the ssl sections in the templates are inserted.

I've tried restarting, creating new sites with various combinations but alas no ssl. Is this an open bug or should I just go hack my vhosts manually?

THanks.
Nik

falko 4th February 2013 13:12

Are there vhost files in /etc/nginx/sites-available/ that end with the extension .err?

Quote:

Is this an open bug or should I just go hack my vhosts manually?
There's no such bug, and SSL has always been working fine for me. I guess it's a problem with your setup.

ichpen 4th February 2013 14:24

Thanks for the reply, no err files were created, it just seems to ignore the SSL checkbox.

Is there any log file I can go check? I've checked the cron.log, nothing there, ispconfig.log is empty. Nothing abnormal in syslog. Strangest thing.

I can confirm that the ssl value in the web_domain table is getting correctly updated so I assume it's downstream from there.

ichpen 4th February 2013 18:43

Update:

Figured out how to stick ispconfig in debug and manually execute server.sh. Here's the output when I ENABLE SSL. Looks like it's evidently tripping up.

04.02.2013-17:39 - DEBUG - Set Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
04.02.2013-17:39 - DEBUG - Found 1 changes, starting update process.
04.02.2013-17:39 - DEBUG - Calling function 'ssl' from plugin 'nginx_plugin' raised by event 'web_domain_update'.
04.02.2013-17:39 - DEBUG - Calling function 'update' from plugin 'nginx_plugin' raised by event 'web_domain_update'.
04.02.2013-17:39 - DEBUG - exec: chmod 751 /var/www/clients/client6/web16
04.02.2013-17:39 - DEBUG - exec: chmod 751 /var/www/clients/client6/web16/*
04.02.2013-17:39 - DEBUG - exec: chmod 710 /var/www/clients/client6/web16/web
04.02.2013-17:39 - DEBUG - exec: chmod 777 /var/www/clients/client6/web16/tmp
04.02.2013-17:39 - DEBUG - exec: chmod 755 /var/www/clients/client6/web16/log
04.02.2013-17:39 - DEBUG - exec: usermod --groups sshusers web16
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/cgi-bin
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/log
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/ssl
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/tmp
04.02.2013-17:39 - DEBUG - exec: chown -R web16:client6 /var/www/clients/client6/web16/web
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/log/error.log
04.02.2013-17:39 - DEBUG - SSL Disabled. shop.dasilvamotorsport.com
04.02.2013-17:39 - DEBUG - Writing the vhost file: /etc/nginx/sites-available/shop.dasilvamotorsport.com.vhost
04.02.2013-17:39 - DEBUG - Writing the PHP-FPM config file: /etc/php5/fpm/pool.d/web16.conf
04.02.2013-17:39 - DEBUG - nginx status is: 1
04.02.2013-17:39 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
04.02.2013-17:40 - DEBUG - nginx online status after restart is: 1
04.02.2013-17:40 - DEBUG - Processed datalog_id 126
04.02.2013-17:40 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock


So it's seeing the update but not reading the SSL flag in the web_domain table. The flag is correctly set there at least.

ichpen 4th February 2013 19:16

OK, figured it out. It seems nginx_plugin.inc.php is not only checking for the SSL enabled flag, it also checks for 3 cert files in the vhost/ssl path. Once you put them in it will actually enable SSL.

Personally I think this check is overkill and a little confusing but I guess it is what it is.

At least we have an ssl vhost directive now. :)

Now my bigger issue is that for my 2 SSL (dedicated IP hosts) I'm getting Error 500 on https and http. It appears unrelated to ssl.

falko 5th February 2013 20:04

Quote:

Originally Posted by ichpen (Post 291581)
Personally I think this check is overkill and a little confusing but I guess it is what it is.

This check is necessary because if you put SSL directives in the vhost, but nginx cannot find the SSL files, it will refuse to start. :eek:

ichpen 7th February 2013 18:29

Quote:

Originally Posted by falko (Post 291649)
This check is necessary because if you put SSL directives in the vhost, but nginx cannot find the SSL files, it will refuse to start. :eek:

Fair point, had forgotten about that.


All times are GMT +2. The time now is 12:36.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.