View Single Post
Old 7th April 2009, 15:13
lubos lubos is offline
Join Date: Oct 2007
Location: Belfast, UK - NI
Posts: 59
Thanks: 29
Thanked 17 Times in 13 Posts
Default SOLVED: SSL cert installation for admin area

I know there is lots of threads about this and I read trough them last 2 days and used a lot of suggestions but could not find help.

I have class2 certificate from named ssl.crt
I downloaded their certificates:

and put all certificates into /root/ispconfig/httpd/conf/ssl.crt (the default ca-bundle.crt from ISPconfig renamed to ca-bundle.crt.ispconf)

I edited httpd.conf in /root/ispconfig/httpd/conf :

SSLCertificateFile /root/ispconfig/httpd/conf/ssl.crt/ssl.crt
SSLCertificateKeyFile /root/ispconfig/httpd/conf/ssl.key/server.key
SSLCertificateChainFile /root/ispconfig/httpd/conf/ssl.crt/
SSLCACertificateFile /root/ispconfig/httpd/conf/ssl.crt/ca-bundle.crt
I restarted server

All the same - browser deemed my certificate unsecure (not recognized authority).

I changed SSLCertificateChainFile and SSLCACertificateFile to all possible combinations, each time restarted server and cleared cache in browser. No joy.

When I do:
openssl verify -CAfile /root/ispconfig/httpd/conf/ssl.crt/ca-bundle.crt -purpose sslserver /root/ispconfig/httpd/conf/ssl.crt/ssl.crt
the result is OK but then I can't access admin area on port 81 (websites and emails works) = that is second problem I need help with, I have one live server I cant access admin area now This is working now. I had typo in httpd/conf/httpd.conf. I am able to access admin on this site after fixing typo and restarting ISPConfig.

What I am duing wrong? Where else I have to edit something?

More info: obviously I use https connection to admin area on port 81
the certificate is specific to the servers admin area - not valid for other domains (
systems are Debian Lenny (1x) and Debian Etch (1x)

Thanks very much for help.

The certificate on the server which had typo is now working. I am going trough the other's conf file to make sure there is not a typo as well.
I am reinstalling ISPConfig on the second server once more and after I'll try to install certificate again. Will see what will happened.
Safe computer? Only when unplugged.

Last edited by lubos; 7th April 2009 at 23:08. Reason: update on status
Reply With Quote
Sponsored Links