Fail to open ISPConfig site: firefox 8182

[BigB]

It complains about my certificate being invalid, how can I fix this?

IE doesnt open at all

My setup using debian and the howto at http://www.falkotimme.com/howtos/per..._debian_sarge/

worked great until now...

Help please

[falko]

Is ISPConfig running? Execute

Code:

netstat -tap

and look if ISPConfig is running on port 81. If not, restart ISPConfig:

Code:

/etc/init.d/ispconfig_server restart

BTW, you did try to connect on port 81, didn't you (it's https://url_of_your_server:81)?

It's also possible that the firewall on your desktop is blocking access to port 81. Shut down your firewall and try again.

[BigB]

yes it is running, however the certificates the setup generated seem to be faulty, is there a way to restart that part of the setup or an other way to re-generate those certificates?

[falko]

Try this:

Code:

openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key

Restart ISPConfig afterwards.

[m u r]

Well, firefox at least gives me the option now. It still says, "This certificate is not in the trusted root database." Is that normal?

[till]

Quote:

Originally Posted by m u r

Well, firefox at least gives me the option now. It still says, "This certificate is not in the trusted root database." Is that normal?

Yes, because it is an self signed certificate. If you dont want to have this messgae you must buy an SSL Certificate from an SSL Authority.

[KenMcGinnis]

I have the SSL working for port 81, admin console, no problem. However, I want to have a cert on port 80 (192.168.0.195:80) but I can't because there already is a cert for that IP. How to remove the https: access and use http: ?

[till]

Quote:

Originally Posted by KenMcGinnis

I have the SSL working for port 81, admin console, no problem. However, I want to have a cert on port 80 (192.168.0.195:80) but I can't because there already is a cert for that IP. How to remove the https: access and use http: ?

change the file /root/ispconfig/httpd/conf/httpd.conf and the Server URL in the ispconfig configuration in /home/admispconfig/ispconfig/lib/config.inc.php

When you switch the controlpanel httpd to port 80, you must have an IP only for the controlpanel httpd and configure the admin server to only to listen to that IP. And your main apache server must be configured to listen on all IP's except the IP from the controlpanel httpd.

[hairydog2]

Quote:

Originally Posted by till

If you dont want to have this message you must buy an SSL Certificate from an SSL Authority.

Is there a step-by-step description of how to install a bought certificate into a working ISPConfig setup?

I'm thinking about the certificate for the Admin login, not the public server.

[falko]

http://www.instantssl.com/ssl-certif...ate-index.html

The "Certificate Signing Request" is /root/ispconfig/httpd/conf/ssl.csr/server.csr, the certificate is /root/ispconfig/httpd/conf/ssl.crt/server.crt.