#1  
Old 3rd December 2009, 01:08
owainbaber owainbaber is offline
Junior Member
 
Join Date: Dec 2009
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Angry SSL Certificate will not work

I installed CentOS and ISPConfig 3 as the 'The Perfect Server - CentOS 5.3 x86_64 [ISPConfig 3]' instructions say. One of the domains hosted is an ecommerce and although we don't take credit card details I would still like it secure for user confidence. So I went to comodo and requested an IntantSSL certificate. I generated my CSR through ISPConfig and pasted it at comodo and got an Apache mod SSL certificate bundle. I pasted the certificate I got from comodo into ISPConfig and saved it. I then added the line '
SSLCertificateChainFile /var/www/clients/client1/web/ssl/www_savacomp_com.ca-bundle' to the Apache directives box within ISPConfig. I then restarted - /etc/init.d/httpd restart
Now when I go to my website using hhtps rather than http I still have a certificate error with the certificate issued to localhost.localdomain. Does anybody know why that would happen as its driving me nuts!
Reply With Quote
Sponsored Links
  #2  
Old 3rd December 2009, 14:45
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,065
Thanks: 826
Thanked 5,395 Times in 4,239 Posts
Default

Please post the exact error messages from the apache error log of the website and the sl error log. Also the chain file has not be inserted like you did it, there is a field for the chain file in ispconfig named SSL Bundle where you have to add the contents of the bundle certificate.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 3rd December 2009, 18:05
owainbaber owainbaber is offline
Junior Member
 
Join Date: Dec 2009
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

This is my ssl_error_log

[Thu Dec 03 14:53:02 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 14:53:02 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 15:08:05 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 15:08:05 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 16:33:03 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 16:33:03 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 16:33:27 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 16:33:27 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 16:33:28 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Thu Dec 03 16:33:28 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Thu Dec 03 16:33:52 2009] [error] [client 192.168.1.1] Directory index forbidden by Options directive: /var/www/html/
Reply With Quote
  #4  
Old 3rd December 2009, 19:27
owainbaber owainbaber is offline
Junior Member
 
Join Date: Dec 2009
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Error_log from /var/log/httpd

[Thu Dec 03 14:52:53 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 14:52:53 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Dec 03 14:53:01 2009] [notice] SIGHUP received. Attempting to restart
[Thu Dec 03 14:53:02 2009] [notice] Digest: generating secret for digest authentication ...
[Thu Dec 03 14:53:02 2009] [notice] Digest: done
PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
[Thu Dec 03 14:53:02 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 14:53:02 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Dec 03 15:08:04 2009] [notice] SIGHUP received. Attempting to restart
[Thu Dec 03 15:08:04 2009] [notice] Digest: generating secret for digest authentication ...
[Thu Dec 03 15:08:04 2009] [notice] Digest: done
PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
[Thu Dec 03 15:08:05 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 15:08:05 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Dec 03 16:33:03 2009] [notice] SIGHUP received. Attempting to restart
[Thu Dec 03 16:33:03 2009] [notice] Digest: generating secret for digest authentication ...
[Thu Dec 03 16:33:03 2009] [notice] Digest: done
PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
[Thu Dec 03 16:33:03 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 16:33:03 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
[Thu Dec 03 16:33:27 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Dec 03 16:33:28 2009] [notice] Digest: generating secret for digest authentication ...
[Thu Dec 03 16:33:28 2009] [notice] Digest: done
PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0
[Thu Dec 03 16:33:28 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads.
[Thu Dec 03 16:33:28 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
Reply With Quote
  #5  
Old 3rd December 2009, 19:37
owainbaber owainbaber is offline
Junior Member
 
Join Date: Dec 2009
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Site error.log


[Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] SecurityException in Application.cpp:496: Handler not found in configuration
[Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] Caused by KeyNotFoundException in Configuration.cpp:234: Handler "x-httpd-php" not found
[Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] Premature end of script headers: index.php
[Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] File does not exist: /var/www/error/500.html

This error was generated when trying to access site with https:
Reply With Quote
  #6  
Old 3rd December 2009, 19:44
owainbaber owainbaber is offline
Junior Member
 
Join Date: Dec 2009
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I am going to regenerate another certificate and this time paste the contents of the bundle file into ispconfig.
Reply With Quote
  #7  
Old 31st December 2009, 17:37
jlaughy jlaughy is offline
Member
 
Join Date: Aug 2005
Posts: 50
Thanks: 4
Thanked 1 Time in 1 Post
Default

yesterday I ordered a Comodo certificate.

I use ISPConfig 2.2.35
I took SSL Request: ----XXXXXX
Hav send it to the Certificate auth.

This morning I received the certificate
After installing my server would not start again

What did I do wrong

WKR, JL
Reply With Quote
  #8  
Old 1st January 2010, 12:14
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Any errors in Apache's error log?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #9  
Old 4th January 2010, 18:25
jlaughy jlaughy is offline
Member
 
Join Date: Aug 2005
Posts: 50
Thanks: 4
Thanked 1 Time in 1 Post
Default

Quote:
Originally Posted by falko View Post
Any errors in Apache's error log?

No errors .... as I can see.
Now the ssl autority is searching now what the problem can be.

WKR, JL
Reply With Quote
  #10  
Old 20th February 2010, 23:06
koltz koltz is offline
Member
 
Join Date: Feb 2007
Posts: 61
Thanks: 0
Thanked 1 Time in 1 Post
Default

I am having the same issue with CentOS 5.3 x64 and ISPConfig 3.0.1.6. I followed the directions and installed the certificate via ISPConfig as I should, but for some reason it is bringing up the local certificate when a user goes to a secure site on my domain. My logs look pretty much the same as above posted.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
problem with upgrade to 2.2.34 brianetilley Installation/Configuration 14 11th November 2009 17:22
Is my postfix is hacked? bzzik Server Operation 21 15th July 2009 14:13
Issues securing Webmail with SSL Certificate Robeast Installation/Configuration 10 31st January 2008 01:05
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
Help installing an SSL certificate james@thereidsonline.com Installation/Configuration 1 26th June 2007 18:11


All times are GMT +2. The time now is 18:45.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.