#1  
Old 4th February 2013, 03:56
ichpen ichpen is offline
Junior Member
 
Join Date: Dec 2011
Posts: 21
Thanks: 0
Thanked 1 Time in 1 Post
Default ISPConfig 3 & nginx ssl issues

Hi there,

Fairly long term ispconfig 3 user. Had great success on ubuntu/LAMP stack.

Recently I relocated servers and started afresh. Decided to go with nginx. Follow your guide (ubuntu 12.04, nginx, ispconfig 3). It mostly seems to work except having real issues with the ssl directives. Seems the interface doesn't want to put in the relevant SSL directives in vhost IP:443 etc etc. None of the ssl sections in the templates are inserted.

I've tried restarting, creating new sites with various combinations but alas no ssl. Is this an open bug or should I just go hack my vhosts manually?

THanks.
Nik
Reply With Quote
Sponsored Links
  #2  
Old 4th February 2013, 13:12
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Are there vhost files in /etc/nginx/sites-available/ that end with the extension .err?

Quote:
Is this an open bug or should I just go hack my vhosts manually?
There's no such bug, and SSL has always been working fine for me. I guess it's a problem with your setup.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 4th February 2013, 14:24
ichpen ichpen is offline
Junior Member
 
Join Date: Dec 2011
Posts: 21
Thanks: 0
Thanked 1 Time in 1 Post
Default

Thanks for the reply, no err files were created, it just seems to ignore the SSL checkbox.

Is there any log file I can go check? I've checked the cron.log, nothing there, ispconfig.log is empty. Nothing abnormal in syslog. Strangest thing.

I can confirm that the ssl value in the web_domain table is getting correctly updated so I assume it's downstream from there.

Last edited by ichpen; 4th February 2013 at 17:15.
Reply With Quote
  #4  
Old 4th February 2013, 18:43
ichpen ichpen is offline
Junior Member
 
Join Date: Dec 2011
Posts: 21
Thanks: 0
Thanked 1 Time in 1 Post
Default

Update:

Figured out how to stick ispconfig in debug and manually execute server.sh. Here's the output when I ENABLE SSL. Looks like it's evidently tripping up.

04.02.2013-17:39 - DEBUG - Set Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock
04.02.2013-17:39 - DEBUG - Found 1 changes, starting update process.
04.02.2013-17:39 - DEBUG - Calling function 'ssl' from plugin 'nginx_plugin' raised by event 'web_domain_update'.
04.02.2013-17:39 - DEBUG - Calling function 'update' from plugin 'nginx_plugin' raised by event 'web_domain_update'.
04.02.2013-17:39 - DEBUG - exec: chmod 751 /var/www/clients/client6/web16
04.02.2013-17:39 - DEBUG - exec: chmod 751 /var/www/clients/client6/web16/*
04.02.2013-17:39 - DEBUG - exec: chmod 710 /var/www/clients/client6/web16/web
04.02.2013-17:39 - DEBUG - exec: chmod 777 /var/www/clients/client6/web16/tmp
04.02.2013-17:39 - DEBUG - exec: chmod 755 /var/www/clients/client6/web16/log
04.02.2013-17:39 - DEBUG - exec: usermod --groups sshusers web16
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/cgi-bin
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/log
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/ssl
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/tmp
04.02.2013-17:39 - DEBUG - exec: chown -R web16:client6 /var/www/clients/client6/web16/web
04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/log/error.log
04.02.2013-17:39 - DEBUG - SSL Disabled. shop.dasilvamotorsport.com
04.02.2013-17:39 - DEBUG - Writing the vhost file: /etc/nginx/sites-available/shop.dasilvamotorsport.com.vhost
04.02.2013-17:39 - DEBUG - Writing the PHP-FPM config file: /etc/php5/fpm/pool.d/web16.conf
04.02.2013-17:39 - DEBUG - nginx status is: 1
04.02.2013-17:39 - DEBUG - Calling function 'restartHttpd' from module 'web_module'.
04.02.2013-17:40 - DEBUG - nginx online status after restart is: 1
04.02.2013-17:40 - DEBUG - Processed datalog_id 126
04.02.2013-17:40 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock


So it's seeing the update but not reading the SSL flag in the web_domain table. The flag is correctly set there at least.

Last edited by ichpen; 4th February 2013 at 18:46.
Reply With Quote
  #5  
Old 4th February 2013, 19:16
ichpen ichpen is offline
Junior Member
 
Join Date: Dec 2011
Posts: 21
Thanks: 0
Thanked 1 Time in 1 Post
Default

OK, figured it out. It seems nginx_plugin.inc.php is not only checking for the SSL enabled flag, it also checks for 3 cert files in the vhost/ssl path. Once you put them in it will actually enable SSL.

Personally I think this check is overkill and a little confusing but I guess it is what it is.

At least we have an ssl vhost directive now.

Now my bigger issue is that for my 2 SSL (dedicated IP hosts) I'm getting Error 500 on https and http. It appears unrelated to ssl.

Last edited by ichpen; 4th February 2013 at 19:18.
Reply With Quote
  #6  
Old 5th February 2013, 20:04
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

Quote:
Originally Posted by ichpen View Post
Personally I think this check is overkill and a little confusing but I guess it is what it is.
This check is necessary because if you put SSL directives in the vhost, but nginx cannot find the SSL files, it will refuse to start.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #7  
Old 7th February 2013, 18:29
ichpen ichpen is offline
Junior Member
 
Join Date: Dec 2011
Posts: 21
Thanks: 0
Thanked 1 Time in 1 Post
 
Default

Quote:
Originally Posted by falko View Post
This check is necessary because if you put SSL directives in the vhost, but nginx cannot find the SSL files, it will refuse to start.
Fair point, had forgotten about that.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
haproxy with stunnel problem abubin Server Operation 6 10th April 2012 15:08
No dns zone files created? sjau Installation/Configuration 7 13th March 2012 13:15
All files gone after changing quota to 0 spynode General 17 19th January 2012 14:41
Ubuntu 11.10, ISPConfig 3.0.4.1 needs some nginx.conf tweaks after following guide. talkingnews Installation/Configuration 10 28th November 2011 21:55
Ftp problems timeout reny2000 General 6 23rd December 2009 11:09


All times are GMT +2. The time now is 18:09.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.