#1  
Old 17th July 2012, 14:15
willko willko is offline
Junior Member
 
Join Date: Aug 2010
Posts: 9
Thanks: 1
Thanked 4 Times in 2 Posts
Default Multiple SSL site setup

Hi all,

Trying to set up a few SSL sites using SNI with ISPConfig 3.0.4.6 and Apache/2.2.3 ( first thought is apache version not high enough(2.2.12 minimum???).. If so how do I upgrade httpd to necessary version with CentOS 5.8 final as OS? Not seeing any RHEL related httpd versions available via yum...

I have SNI enabled via control panel and I'm pretty sure I've entered all the necessary conf file settings ( <VirtualHost *:443>, SSLEngine On,SSLCertificateFile, SSLCertificateKeyFile, ServerName, ServerAlias, ServerAdmin etc...)

I get these error messages via httpd error.log:
Code:
[Tue Jul 17 12:40:29 2012] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Tue Jul 17 12:40:29 2012] [warn] Init: SSL server IP/port conflict: siteone.co.uk:443 (/etc/httpd/conf/sites-enabled/100-siteone.co.uk.vhost:107) vs. sitetwo.com:443 (/etc/httpd/conf/sites-enabled/900-sitetwo.com.vhost:111)
[Tue Jul 17 12:40:29 2012] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
The certs are created and in correct directories and referenced...

Any ideas? Is the apache version the issue? More info needed?

Many thanks for help!!
Reply With Quote
Sponsored Links
  #2  
Old 17th July 2012, 15:11
pititis pititis is offline
Senior Member
 
Join Date: Dec 2010
Location: München
Posts: 364
Thanks: 38
Thanked 88 Times in 68 Posts
Default

Hi,

Maybe your openssl was not compiled with tls support.

You can do an useful test. You can get some info running the phpinfo().

Code:
touch phpinfo.php
Edit it and add this:
Code:
<?php
  
phpinfo();
  
?>
Run the script
Code:
php phpinfo.php|grep SSL
Here is my output:

Code:
SSL => Yes
SSL Version => OpenSSL/0.9.8k
SSL Support => enabled
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 0.9.8k 25 Mar 2009
OpenSSL Header Version => OpenSSL 0.9.8k 25 Mar 2009
OpenSSL support => enabled
OpenSSL 0.9.8k and later has this enabled by default

Cheers
Reply With Quote
The Following User Says Thank You to pititis For This Useful Post:
willko (17th July 2012)
  #3  
Old 17th July 2012, 15:31
willko willko is offline
Junior Member
 
Join Date: Aug 2010
Posts: 9
Thanks: 1
Thanked 4 Times in 2 Posts
 
Default

Many thanks for the info/tip..

here's my output:
Code:
SSL => Yes
SSL Version =>  OpenSSL/0.9.8b
SSL Support => enabled
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
OpenSSL Header Version => OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
Native OpenSSL support => enabled
and this from YUM:
Code:
PM Group    : System Environment/Libraries
Source       : openssl-0.9.8e-22.el5_8.4.src.rpm
Build Time   : Tue May 29 18:28:29 2012
Install Time : Tue Jun 26 18:34:02 2012
License      : BSDish
I guess the issue might be the SSL version then? Any idea how I update this? No RHEL based repo updates/upgrades listed via YUM... Is there a repo I'm missing perhaps? Dependencies maybe an issue though ehh?

Found these links that seem relevant here and here

Seems to imply it would be better to jump up CentOS versions ( to 6.2 etc..)

Thanks again for the reply!! Much appreciated!
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
how do I install a SSL cert for a website? mangoo General 3 3rd February 2012 12:46
Client Site With SSL Not Working John.Smith Installation/Configuration 14 24th May 2011 18:31
Need help with DNS and multiple site on single IP 8com Installation/Configuration 6 10th June 2010 11:09
SSL Issue - Unable to connect to any site Menzor Installation/Configuration 4 27th May 2007 04:03
SSL not working for individual site. FeraTechInc General 4 1st March 2007 20:26


All times are GMT +2. The time now is 00:37.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.