Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 24th May 2007, 16:53
Menzor Menzor is offline
Junior Member
 
Join Date: May 2007
Posts: 6
Thanks: 1
Thanked 0 Times in 0 Posts
Question SSL Issue - Unable to connect to any site

Hello,

The issue I am experieancing is that i can not get to any ssl pages on any site, although ISPConfig works correctly using https://. The error that appears in FireFox is
Unable to Connect Firefox can't establish a connection to the server at www.mywebsite.com

I am a new ISPConfig user.

I followed the install procedures outlined in
http://www.howtoforge.com/installing..._fedora_core_6

The install went very smooth with out issue. I could be wrong, but i believe during the restart of appache in the instructions, i was asked all the questions for an SSL key.

I then went on to work through the site and set some configurations using ISPConfig through https:// connection with out any issue.

I restarted my server, I only have SSH access to the box, and discovered that it was not restarting. I called the data center and discovered that apache was waiting for a pass phrase. As no one can see this prompt, the data center had to enter the password in.

I then decrypted and chmoded the key so that apache would no longer ask for the pass phrase.

At this point i then decided to test and see if i could view an SSL page. I could not, upto this point i had not checked. Which seemed odd because ISPConfig was running ssl and was working fine.

I then looked through the forums here and discovered that i should have created my key in ISPConfig. So i tried creating a key in ISPConfig.

Still no ssl access.

tried
openssl genrsa -des3 -passout pass:menzor -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key

tried looking to see if SSL is running
use command netstat -tap
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 *:etlservicemgr *:* LISTEN 3668/perl
tcp 0 0 *:mysql *:* LISTEN 2684/mysqld
tcp 0 0 *:781 *:* LISTEN 2295/rpc.statd
tcp 0 0 *:sunrpc *:* LISTEN 2270/portmap
tcp 0 0 *:hosts2-ns *:* LISTEN 9533/ispconfig_http
tcp 0 0 209.51.199.46:domain *:* LISTEN 10017/named
tcp 0 0 209.51.199.45:domain *:* LISTEN 10017/named
tcp 0 0 209.51.199.44:domain *:* LISTEN 10017/named
tcp 0 0 www.seconddomain.com:domain *:* LISTEN 10017/named
tcp 0 0 server1.firstdomain.c:domain *:* LISTEN 10017/named
tcp 0 0 localhost:domain *:* LISTEN 10017/named
tcp 0 0 localhost:ipp *:* LISTEN 2545/cupsd
tcp 0 0 localhost:rndc *:* LISTEN 10017/named
tcp 0 0 *:smtp *:* LISTEN 9742/master
tcp 0 0 *:imaps *:* LISTEN 2713/dovecot
tcp 0 0 *op3s *:* LISTEN 2713/dovecot
tcp 0 0 *op3 *:* LISTEN 2713/dovecot
tcp 0 0 *:imap *:* LISTEN 2713/dovecot
tcp 0 0 *:http *:* LISTEN 9668/httpd
tcp 0 0 *:ftp *:* LISTEN 10038/proftpd: (acc
tcp 0 0 *:ssh *:* LISTEN 2563/sshd
tcp 0 0 server1.firstdomain.com:ipp *:* LISTEN 2545/cupsd
tcp 0 0 server1.firstdomain.com:rndc *:* LISTEN 10017/named
tcp 0 1036 server1.firstdomain.com:ssh S01060013465e3aba.wp.:59903 ESTABLISHED 8403/0

I don't see anything SSL listening to port 443
Try restarting apache with ssl
apachectl -D SSL -k start
Already running

Apache error log from /var/log/httpd/error_log
[Thu May 24 01:52:53 2007] [error] an unknown filter was not added: PHP
[Thu May 24 01:52:53 2007] [error] an unknown filter was not added: PHP
[Thu May 24 07:30:28 2007] [error] an unknown filter was not added: PHP
[Thu May 24 07:30:28 2007] [error] an unknown filter was not added: PHP
[Thu May 24 08:50:23 2007] [notice] caught SIGTERM, shutting down
[Thu May 24 08:50:23 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin
/suexec)
[Thu May 24 08:50:23 2007] [notice] Digest: generating secret for digest authent
ication ...
[Thu May 24 08:50:23 2007] [notice] Digest: done
[Thu May 24 08:50:23 2007] [notice] Apache/2.2.4 (Unix) DAV/2 PHP/5.1.6 configur
ed -- resuming normal operations
[Thu May 24 09:21:15 2007] [notice] caught SIGTERM, shutting down
[Thu May 24 09:21:15 2007] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin
/suexec)
[Thu May 24 09:21:15 2007] [notice] Digest: generating secret for digest authent
ication ...
[Thu May 24 09:21:15 2007] [notice] Digest: done
[Thu May 24 09:21:15 2007] [notice] Apache/2.2.4 (Unix) DAV/2 PHP/5.1.6 configur
ed -- resuming normal operations

Any help is appreciated

Thank you
Reply With Quote
Sponsored Links
  #2  
Old 25th May 2007, 14:12
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

You mix up the ssl setup for the controlpanel webserver and the webserver for your websites. You must create a SSL certificate for the website in ISPConfig by enabling SSL in the site settings, hit save, then go to the SSL tab of the site and reate a certificate.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 25th May 2007, 16:13
Menzor Menzor is offline
Junior Member
 
Join Date: May 2007
Posts: 6
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Thank you for the reply

Steps taken

1. As site had ssl enabled, uncheck SSL box on control panel..save
2. Re-check SSL Box on control panel...save
3. Goto SSL Tab in control panel, select action, create certificate (although I notice that all the fields country, province .....are filled in already including both the SSL Request, and the SSL Certificate ...save

Result:
try to browse to https://
Firefox: Unable to connect: Firefox can't establish a connection to the server

Restart Apache
Firefox: Unable to connect: Firefox can't establish a connection to the server

Restart ISPConfig
/etc/init.d/ispconfig_server restShutting down ISPConfig system...
/root/ispconfig/httpd/bin/apachectl stop: httpd stopped
ISPConfig system stopped!
Starting ISPConfig system...
/root/ispconfig/httpd/bin/apachectl startssl: httpd started
ISPConfig system is now up and running!

try to browse to https://
Firefox: Unable to connect: Firefox can't establish a connection to the server

I am not sure but from the netstat i posted does it look like SSL is running? I know everything else says it is. Not sure.
Reply With Quote
  #4  
Old 26th May 2007, 15:34
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,213 Times in 4,088 Posts
Default

You apache server seems not to listen on the https port. Please reconfigure the apache webserver as described in the perfects etup guide for your linux distribution.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
Menzor (27th May 2007)
  #5  
Old 27th May 2007, 04:03
Menzor Menzor is offline
Junior Member
 
Join Date: May 2007
Posts: 6
Thanks: 1
Thanked 0 Times in 0 Posts
Smile Solved

I figured it out after trying for hours, turns out the solution is really simple.

If installing on a Fedora core bare bones install (the way i recieved it from the data center) make sure mod_ssl is installed!

Thank you all for helping!

Great app by the way!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Getting e-mail working hansoffate Installation/Configuration 29 13th August 2008 16:33
mail issue - can recieve but not send phillycode Installation/Configuration 2 24th March 2007 15:02
HotSaNIC domino Tips/Tricks/Mods 23 6th November 2006 05:19
Howto suggestion suse PhP ver 4 + Ver 5 wwparrish Suggest HOWTO 11 7th August 2006 13:29
Perfect Xen 3.0 setup for Debian gurneyzap HOWTO-Related Questions 4 26th March 2006 11:30


All times are GMT +2. The time now is 18:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.