Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 5th December 2009, 21:38
owainbaber owainbaber is offline
Junior Member
 
Join Date: Dec 2009
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default ISPConfig 3 - CentOS 5.4 - SSL Problems!?!

I have just done a new installation of CentOS 5.4 and ISPConfig 3, and I set up a domain and now I want an SSL Certificate. I generated one within ISPConfig, I then restarted apache, then accessed the site. Obviously I get the usuall warnings about self signed, but upon viewing the certificate with IE & Firefox I couldn't help noticing that the certificate in use isn't the one I just created, it is the one located at '/etc/pki/tls/certs/localhost.crt' as configured in the apache ssl.conf file (localhost.localdomain). This is the second server that does this, I had no problems installing either server using the Perfect Server tutorial. Is it actually possible to create usable certificates in ISPConfig 3? When I have tried trials of SSL Certificates from the various companies I have the same result.

SSL Error Log:

[Sat Dec 05 20:03:56 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:03:56 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:03:57 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:03:57 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:04:03 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:04:03 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:20:29 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:20:29 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:20:29 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:20:29 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:20:35 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:20:35 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:20:35 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:20:35 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:21:04 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:21:04 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:22:02 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:22:02 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:22:19 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:22:19 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:22:20 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:22:20 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
[Sat Dec 05 20:23:03 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Dec 05 20:23:03 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!?
Reply With Quote
Sponsored Links
  #2  
Old 7th December 2009, 13:20
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,006
Thanks: 826
Thanked 5,377 Times in 4,224 Posts
Default

Your problem is not ispconfig nor the ssl certificate created by ispconfig as you currently dont use the certificate created by ispconfig. To me it looks like you enabled some kind of default ssl vhost in centos that is blocking the ssl port, so that a default cert is used and not the one created by ispconfig. Check the apache config of centos and disable the default ssl vhost and default ssl cert. Then restart apache.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 8th December 2009, 14:35
owainbaber owainbaber is offline
Junior Member
 
Join Date: Dec 2009
Posts: 9
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till View Post
Your problem is not ispconfig nor the ssl certificate created by ispconfig as you currently dont use the certificate created by ispconfig. To me it looks like you enabled some kind of default ssl vhost in centos that is blocking the ssl port, so that a default cert is used and not the one created by ispconfig. Check the apache config of centos and disable the default ssl vhost and default ssl cert. Then restart apache.
I'll give that a ago. Thanks for the reply.
Reply With Quote
  #4  
Old 25th July 2011, 19:25
qb7 qb7 is offline
Member
 
Join Date: Jul 2010
Posts: 50
Thanks: 12
Thanked 4 Times in 4 Posts
Default How to do this till

Quote:
Originally Posted by till View Post
Your problem is not ispconfig nor the ssl certificate created by ispconfig as you currently dont use the certificate created by ispconfig. To me it looks like you enabled some kind of default ssl vhost in centos that is blocking the ssl port, so that a default cert is used and not the one created by ispconfig. Check the apache config of centos and disable the default ssl vhost and default ssl cert. Then restart apache.
Can you help me? I Think wich i have the same issue.
Reply With Quote
  #5  
Old 26th July 2011, 17:12
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Which distribution do you use? Did you try to access the web site by its domain name, or did you use something else (e.g. IP address, different domain, etc.)?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPconfig setup - DNS, router and general access problems ingvar Installation/Configuration 6 31st July 2010 13:13
Centos 5.2 + ISPConfig 3 tutorial - Problem with email tanakskool Server Operation 1 3rd June 2009 16:22
SSL Cert Question for ISPConfig Access giganet Installation/Configuration 33 28th March 2009 07:56
ISPConfig 3.0.0.7 Beta released till General 78 24th December 2008 11:47
Install ISPConfig on CentOS Server, in brief gfts Tips/Tricks/Mods 11 4th April 2006 08:29


All times are GMT +2. The time now is 00:04.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.