Originally Posted by senzapaura
I did follow the Suse 10 howto to the letter to the best of my ability when I installed ISPConfig. I then set-up a virtual site once I felt it was running correctly, I used openssl to create my crt and key files using the directions provided by the supplier of my CA certificate. I then went into ISPConfig and configured the SSL using the certificates I got from the CA I am using.Then I made sure the Vhosts_ispconfig.conf file was pointing to the corrrect certificate files. I was trying to follow a solution posted on this forum.
I had trouble using an upload fuction after I created the original site and I did add the PHP configuration setting in the Vhosts_ispconfig.conf file manually. Now I know how to do it using ISPConfig so I will not have to do that in the future.
If the Vhosts_ispconfig.conf file is correct what else does apache use to provide SSL service for a web site? I am using one IP address and apparently apache can see the http side of the site (www.amg01.info
) because my remote testers are using that address now. I have another Fedora site set up and SSL is working there, so I have compared things and they seem to be the same. The Fedora site was setup prior to Suse 10 release and my knowing about ISPConfig. I would like to replace the Fedora server with anothe Suse/ISPConfig setup as soon as I can figure out this problem.
Ok this explains the problems. You created the SSL certificate wrong. You dont have to create the SSL cert manually and you dont have to change anything in the vhost configuration file manually. If you do so, the system might fail like in your case. All changes you made manually in the Vhosts_ispconfig.conf will be overridden by the system when you change anything in ISPConfig.
1) Remove anything SSL related you configured manually.
2) Enable the SSL checkbox in the web you need SSL encryption and save the the website.
3) Open the site again, there you will find an SSL tab. Fill out the fields and leave the SSL certificate and certificate request fields empty. Select "Create certificate" in the action field and hit safe. ISPConfig creates now a certificate request and self signed certificate with the appropriete settings, that can take up to 1 - 2 minutes. When you open the ssl tab again, you find there the certificate request that you can use to get a signed certificate for your domain from an SSL authority. When you got the SSL cert from the authority, you can replace the certificate shown on the SSL tab and select save as action.
This is also described in the ISPConfig manual.