View Single Post
  #2  
Old 25th January 2012, 03:20
fxs fxs is offline
Junior Member
 
Join Date: Jan 2012
Posts: 27
Thanks: 2
Thanked 1 Time in 1 Post
Default

This night I try a couple of times to secure ISPconfig 3 and failed.
In addition the websites were down for hours. I got these lines:
Quote:
[Wed Jan 25 00:08:24 2012] [warn] NameVirtualHost xxxxxxxxxx:443 has no VirtualHosts
[Wed Jan 25 00:08:24 2012] [warn] NameVirtualHost xxxxxxxxxxxx:80 has no VirtualHosts
[Wed Jan 25 00:08:24 2012] [warn] NameVirtualHost xxxxxxx:443 has no VirtualHosts
Action 'start' failed.
My feeling is that they are two (coincidental?) problems:

1) the computer doesn’t understand the key given by startssl (he looks for something written like that xxxxxxx.ovh.net.crt and xxxxxxx.ovh.net.key and not for something including the domain name (apache log).
Then this error forces apache2 to crash.
So that I decided to disable SSL

2) in the apache log, there is also this message:
Quote:
Wed Jan 25 00:12:42 2012] [warn] Init: (xxxxxxx:443) You configured HTTP(80) on the standard HTTPS(443) port!
What’s wrong? What does it mean? How to solve that?

To disable SSl I comment some lines (defaut-ssl):
Code:
        #   SSL Engine Switch:
        #   Enable/Disable SSL for this virtual host.
        >>>>>>>># SSLEngine on

        #   A self-signed (snakeoil) certificate can be created by installing
        #   the ssl-cert package. See
        #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
        #   If both key and certificate are stored in the same file, only the
        #   SSLCertificateFile directive is needed.
        # SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
        # SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
        >>>>>>>#  SSLCertificateFile /etc/ssl/certs/xxxxxxx.ovh.net.crt
        >>>>>>>#  SSLCertificateKeyFile /etc/ssl/private/xxxxxxx.ovh.net.key
and ispconfigvhost
Code:
# SSL Configuration
>>>>>>>>#  SSLEngine On
>>>>>>>#  SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
>>>>>>>#  SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.ke
Is it safe to do that?
Is there a better way to disable SSL?

Do I have something else to do?

thanks for any inputs

best regards
Reply With Quote