View Single Post
  #25  
Old 16th October 2007, 09:46
chuckl chuckl is offline
Senior Member
 
Join Date: May 2007
Location: Uxbridge, Middlesex, UK
Posts: 166
Thanks: 1
Thanked 20 Times in 20 Posts
Default

Pem files, .crt and key files are equivalent, just that a pem file can contain certificates or keys, ISPConfig just happens to use .crt and .key.

While a force-reload is the suggestion, restart achieves the same thing.

In a vanilla Apache install, the server runs the website as the 'Apache' user, usually on Debian or Ubuntu a user called 'www-data' or on some systems 'nobody'.
Under Suexec, that is changed to the local website owner, under ISPConfig usually web1_admin or similar. While this is good from a website mail point of view as mail servers tend not to like mail from 'nobody' it does impose tighter constraints on the 'ownership' of any files on the website. i.e. If you check the file owner and group, they should correspond to the user you have specified as website admin under the users and email tab.
File permission settings vary slightly as well.

.htaccess files can also play havoc with setting up SSL, as well as Zen Cart mods like SEO urls that use mod rewrite. They can be temporarily renamed fredhtaccess or htacess.bak or whatever.

But if the crt and key files are there and correctly formed, and there is a corrsponding entry in the vhosts.ispconfig.conf file that correctly references them, you should have SSL operational.

It is usually a good idea to clear your browser cache as well as they have a nasty habit of using cached pages when doing this kind of testing.
Reply With Quote