Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Developers' Forum

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 13th January 2009, 10:37
novaflash novaflash is offline
Junior Member
 
Join Date: Jan 2009
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Unhappy SSL on ISPconfig3 not working

Well, at least not for me.

I am running Debian Etch 4.0 and I installed ISPconfig3 but for some reason when I access https://192.168.47.104:8080/ I get the error message: (in firefox)

SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)

I tried googling around a bit for this error but it seems it's somewhere in the Apache2 configuration. I looked around in the vhosts files and couldn't find a mention of an SSL module anywhere. Only in mods-enabled I found a mention of ssl.conf and ssl.load.

Any help on how to proceed from here? I figure messing with the apache2 configuration files won't help me since they'll most likely be rewritten by ISPconfig 3 the moment I make a change using the panel. (I can access it via http://192.168.47.104:8080, without SSL)

I also tried adding a new site, added the domainname to my local hosts file so I could access it, and it works. But again, when I check the box for SSL support and generate a certificate, it won't work and give me the same error as mentioned above.
Reply With Quote
Sponsored Links
  #2  
Old 13th January 2009, 15:10
skeldof skeldof is offline
Junior Member
 
Join Date: Oct 2008
Posts: 11
Thanks: 1
Thanked 2 Times in 2 Posts
Default

Port 8080 is not SSL, hence why https won't work. The ISPConfig panel is not SSL at all. There is no SSL option for the main panel.

Creating (and then accessing) a working SSL website is an unrelated issue. What port were you trying to access the site on? Or just https://newsite.tld/ ? How was it configured in ispconfig3?
Reply With Quote
  #3  
Old 13th January 2009, 17:50
mikey169 mikey169 is offline
Junior Member
 
Join Date: Jan 2009
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

i'm in trouble with similar problems...

first.. how did you manage to get the "ssl_error_rx_record_too_long" error?
to get there.. i needed to add a "Listen 443" in ports.conf and then restart the apache2-service..

why does ispconfig3 this not automatically?

now, i finally got a site working by editing the sites-enabled/000-default
i changed line 1 and 2

old:
Code:
NameVirtualHost *
<VirtualHost *>
new:
Code:
NameVirtualHost localhost
<VirtualHost localhost>
then some error-messages at apache2-start dissappeared and the https://domain.tld worked well..

but i am still asking myself why these two changes in config-files cannot be done by ispconfig3?

also i would like to know how to get the ispconfig3-panel working under https...

*EDIT*

now i got ispconfig3-panel over https working!

from every site i removed ssl-options and then i added the following lines to /etc/apache2/sites-available/ispconfig.vhost

Code:
<IfModule mod_ssl.c>
###########################################################
# SSL Vhost
###########################################################
Listen 443
<VirtualHost *:443>
    DocumentRoot /usr/local/ispconfig/interface/web

    SSLEngine on
    SSLCertificateFile /path/to/certificate/theCertFile.crt
    SSLCertificateKeyFile /path/to/key/theKeyFile.key

</VirtualHost>
</IfModule>
it works, but it seems to me that it is not a very clean solution..

Last edited by mikey169; 14th January 2009 at 11:42.
Reply With Quote
  #4  
Old 20th January 2009, 22:35
vogelor vogelor is offline
ISPConfig Developer
 
Join Date: Jan 2007
Location: Wernau, Germany
Posts: 219
Thanks: 42
Thanked 34 Times in 24 Posts
Default

Quote:
Originally Posted by mikey169 View Post
from every site i removed ssl-options and then i added the following lines to /etc/apache2/sites-available/ispconfig.vhost
it is even better to create a new ispconfig.vhost-file (for example) my_ispconfig.vhost and then adapt the LINK in the sites-enabled directory to this new file instead of the original file. The reason to do this is that every update replaces the "old" ispconfig.vhost with a "new" file generated by the setup (so you loose your changes). But the LINK is not recreated. this means you will not lose any changes if you update your installation!
__________________
Der neue Luxus heißt Zeit, nicht Geld!

Firma : http://www.muv.com, http://www.computerandservice.de
Privat : http://www.vogelor.de
Reply With Quote
  #5  
Old 20th January 2009, 22:38
vogelor vogelor is offline
ISPConfig Developer
 
Join Date: Jan 2007
Location: Wernau, Germany
Posts: 219
Thanks: 42
Thanked 34 Times in 24 Posts
 
Default

Quote:
Originally Posted by skeldof View Post
Port 8080 is not SSL, hence why https won't work.
This is not 100% correct. If you enable the ssl-engine at this port (inside the vhost-file), SSL will work at this port too - but this is NOT the default setting, so SSL will not work at this port if you don#t change it ...
__________________
Der neue Luxus heißt Zeit, nicht Geld!

Firma : http://www.muv.com, http://www.computerandservice.de
Privat : http://www.vogelor.de
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
PHP not working with SSL linuxwannabe Server Operation 12 29th October 2008 05:39
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
Site SSL not working cic Installation/Configuration 6 16th October 2007 18:01
SSL not working for individual site. FeraTechInc General 4 1st March 2007 20:26
Upgrade from 2.2.0 to 2.2.1 successful but SSL and IMAP stopped working teleriddler Installation/Configuration 8 29th April 2006 14:25


All times are GMT +2. The time now is 06:47.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.