Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Tips/Tricks/Mods

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 1st January 2010, 21:05
SamTzu SamTzu is offline
HowtoForge Supporter
 
Join Date: Apr 2007
Location: Helsinki
Posts: 426
Thanks: 33
Thanked 53 Times in 36 Posts
Send a message via Skype™ to SamTzu
Post Creating a SSL certificate - Quick guide

If you want to get Commercial SSL Certificate for 2048bit or stronger encryption (Godaddy etc.) you need to change ISPConfig3 core settings.

Follow this Quick guide to do it. If you just want to get your own non-commercial Certificate to work skip this ISPConfig3 hack and proceed to the Normal SSL configuration.

ISPConfig3 hack SSL guide.
  1. If you have already created a cert, delete it from the SSL tab for your site.
  2. Disable SSL for your website from the Website tab.
  3. Open /usr/local/ispconfig/server/plugins-available/apache2_plugin.inc.php and change 1024 (second instance, not the default setting - although it may still work changing both) to 2048 or 4096.
  4. Save the file and restart apache2 (i.e. /etc/init.d/apache2 restart) for good measure.
  5. Note: If you experience an error restarting apache2 (e.g. "(98)Address already in use: make_sock: could not bind to address 0.0.0.0:80") then do the following:
    • sudo lsof -i :80
    • Determine the pid of the running service and...
    • kill <pid from step 2>
    • /etc/init.d/apache2 restart
      It should start this time. I'm not sure what may cause this, but I had experienced it many times. It may have something to do with Subversion if you have it enabled under apache.
  6. Go back to ISPConfig and create a new certificate as you would normally.
  7. Go back to the SSL tab (may have to restart apache again if you do not see the keys in the first two fields (not sure why, but I experienced this a few times).
  8. Copy the code from the SSL request fields and provide that to GoDaddy as the request key.
  9. Once you download your certificate from GoDaddy, paste the contents of the yourdomain.com.crt file into the SSL Certificate field (replacing what is there), select Save Certificate form the pulldown and click Save. The SSL Bundle was left empty (not sure if I needed anything here or not...can anyone confirm).
  10. Restart apache2 for good measure and test it out.

Normal SSL configuration.
  1. Make sure that your (Linux) server has 1 IP address for each site that needs a Cert (and one for the server.)
  2. Make sure that those IP addresses are configured in 'ISPConfig3 | System | Edit Server IP' list.
  3. Make sure that the 'new' Certificate site does not have * as it's address in 'Sites | Website | IP-Address' field.
  4. Make sure that SSL is enabled in that same page
  5. Make sure that the DNS address points to that IP-Address that was defined for the website and not the old address (*) that you probably had to change when starting this process.
  6. On 'Sites | Website | SSL' enter your Certificate settings. (Your locale and Company info.)
  7. On the same page in 'SSL Action' 'Create Certificate' and Save.
  8. Wait a moment.
  9. Refresh SSL settings page. You should see the new Certificate code now.
You can now use the https://yourdomain.com
__________________

Sami Mattila
Internet-Content

Telephone:
00358942833310
Email: firstname.lastname@internet-content.org
Shop: http://shop.internet-content.net
Site: http://www.internet-content.net
Blog: http://www.internet-content.net/en/blog
FB: https://www.facebook.com/internetcontent

Reply With Quote
The Following 6 Users Say Thank You to SamTzu For This Useful Post:
charlesrg (30th April 2010), DaRKNeSS666NL (22nd May 2010), falko (2nd January 2010), Germanius (14th February 2010), jon (3rd February 2010), till (2nd January 2010)
Sponsored Links
 

Bookmarks

Tags
certificate, quick guide, ssl

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig 3 - CentOS 5.4 - SSL Problems!?! owainbaber Installation/Configuration 4 26th July 2011 17:12
Is my postfix is hacked? bzzik Server Operation 21 15th July 2009 14:13
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
ISPConfig 2.2.14 released till General 48 19th July 2007 23:46
Problem with the apache (I can't start ist) M.Behrens Installation/Configuration 11 31st March 2006 10:48


All times are GMT +2. The time now is 07:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.