HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Installation/Configuration (
-   -   Cluster upgrade to 3.0.5 - SSL error (

SamTzu 26th February 2013 12:59

Cluster upgrade to 3.0.5 - SSL error
After the 3.0.5 upgrade we get this error...


Restarting web server: apache2Apache/2.2.16 mod_ssl/2.2.16 (Pass Phrase Dialog)
Some of your private key files are encrypted for security reasons.
In order to read them you have to provide the pass phrases.
Apache never required Cert password before the upgrade. Looks like I have to regenerate the keys.

I found this instruction but it seems a little old.
Any comments would be appreciated?

till 26th February 2013 13:15

This instructions are for ispconfig. 2 and not 3, so they dont apply to your issue.

Did you create the ssl cert you used before with the ispconfig installer or id ou create it manually?

SamTzu 26th February 2013 13:16

I created it with ISPConfig.
I probably should have chosen to re-create the SSL when it was asked.

"Create new ISPConfig SSL certificate?"
Is there a way to recreate them with ISPConfig?
There seem to be no upgrade problems with other nodes that do not use SSL.

till 26th February 2013 13:18

Yes. Redo the update by using the manual update instructions from release notes, the updater will ask ou if the ssl cert shall be recreated.

SamTzu 26th February 2013 13:41

Mae Culpa.
I just remembered that I did create our own Cert a year back and moved it to use port 443 so this is probably the reason why the root node SSL is down.

I can't seem to find the command to re-create the Cert.


php -q update.php
This will not ask to recreate the cert nor will it allow to define the port.

I redid the cert using this manual. Apache restarts now without asking a password.

SamTzu 27th February 2013 15:16

Certificate Upgrade script
I just upgraded our cluster to and I can now say with confidence that and php -q update.php scripts do NOT include the option to upgrade/modify Certificate or Control Panel TCP port (:8080) if the node in question does not have Apache enabled (like our primary node that has only ISPConfig Control panel in it and nothing else.)

So if you get in trouble with the Certificate or TCP port number - your troubles are multiplied :)

All times are GMT +2. The time now is 07:12.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.