Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 22nd June 2009, 20:10
littlespelk littlespelk is offline
Junior Member
 
Join Date: Jun 2009
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default Just installed ispconfig3, problems with ssl certiftcates

I get the following error message

SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long)


How do I rectify this?
Reply With Quote
Sponsored Links
  #2  
Old 22nd June 2009, 20:15
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,212 Times in 4,088 Posts
Default

The ssl cert is broken or no ssl cert is installed. Please recreate the ssl cert.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 22nd June 2009, 20:18
littlespelk littlespelk is offline
Junior Member
 
Join Date: Jun 2009
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks for your reply.

How do I recreate sll certificates for ispconfig3?

Regards
Littlespelk. (sorry im a newbie here lol.)
Reply With Quote
  #4  
Old 22nd June 2009, 20:26
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,212 Times in 4,088 Posts
Default

What do you mean with ssl certificate for ispconfig? ISPConfig 3 has no ssl cert, it is accessed by http and not https (see perfect server guides). The sl certificates for the sites that you created in ispconfig are created in ispconfig on the ssl tab.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #5  
Old 22nd June 2009, 20:46
littlespelk littlespelk is offline
Junior Member
 
Join Date: Jun 2009
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I followed the guide and re-did the imapd and pop3d certificates
i get cn name does not match the passed value. error.

Ive named my server tycoon-game.com and used that as my cn value too.


Also the certificate to allow https: pages isnt working

I get " SSL received a record that exceeded the maximum permissible length.

(Error code: ssl_error_rx_record_too_long) "

when I try to log in vis https or try to access phpmyadmin via https

Regards
littlespelk
Reply With Quote
  #6  
Old 22nd June 2009, 21:08
till till is online now
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,446
Thanks: 813
Thanked 5,212 Times in 4,088 Posts
Default

You totally mix up different things.

1) imap and pop3 certificates have nothing to do with ispconfig. They are certificates of the pop3 and imap daemon. If you dont like the certificates that come with the linux distribution that you have choosen, then you might have to recreate them. The commands are mkimapdcert and mkpop3dcert. See: http://www.howtoforge.com/forums/sho...07&postcount=5


2) https access for phpmyadmin has nothing to do with ispconfig and is not configured with ispconfig. ISPConfig can be used to create ssl certificates for websites, but phpmyadmin is not part of a website that is created by ispconfig. So you get this error becaue you access a http service that is not configured by ISPConfig by using https.

If you want to use services from your linux distribution with https you will have to create ssl certificates manually for the host that you use to access it.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #7  
Old 25th June 2009, 22:36
Master One Master One is offline
Junior Member
 
Join Date: Mar 2008
Posts: 23
Thanks: 1
Thanked 0 Times in 0 Posts
Default

I just found out, how to force SSL for access to my ISPConfig 3 installation (https://server1.example.tld:8080), which is nicely explained here in the forum, but now I am clueless on how to force SSL for access to phpmyadmin and webmail as well (which in that case are accessible by http://server1.example.tld/phpmyadmin and http://server1.example.tld/webmail right now -> I installed SquirrelMail according to the The Perfect Server - Ubuntu 9.04 [ISPConfig 3], so SquirrelMail is symlinked in /var/www as "webmail -> /usr/share/squirrelmail/").

Both are not under the control of ISPConfig, so what's the best way, that does not interfere with the ISPConfig 3 setup?
Reply With Quote
  #8  
Old 25th June 2009, 23:09
Master One Master One is offline
Junior Member
 
Join Date: Mar 2008
Posts: 23
Thanks: 1
Thanked 0 Times in 0 Posts
 
Default

Ok, that was easier than expected, so answering myself:

As I already used this proceeding to force SSL on ISPConfig access, which also included the creation of a new self-signed-cert, I just needed to add the symlink "000-default-ssl -> ../sites-available/default-ssl" to /etc/apache2/sites-enabled, and change the cert in /etc/apache2/sites-available/default-ssl (which can be omitted, because it is already preconfigured to use another self-signed-cert from /etc/ssl/certs/).

I decided to add another symlink, and not to change the existing default one, so that phpmyadmin and webmail can be access normally and by SSL.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
SSL configuration problems Jesper General 2 6th February 2009 10:51
SSL on ISPconfig3 not working novaflash Developers' Forum 4 20th January 2009 22:38
Upgrade to php 5.2 in suse 10.1 gimhan90 Installation/Configuration 3 1st January 2009 20:32
Installation Problems Exilebear Installation/Configuration 4 13th May 2008 13:05
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59


All times are GMT +2. The time now is 18:22.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.