Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #91  
Old 31st July 2007, 16:27
greenhornet greenhornet is offline
Junior Member
 
Join Date: Jul 2007
Posts: 15
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by falko
Did you run the commands one-by-one instead of all at once? Did you accept all default values?
running them individually solved the problem. Earlier posts did not specify that as being necessary so I did not assume it was. Thanks guys!
Reply With Quote
Sponsored Links
  #92  
Old 9th December 2007, 00:04
steven_twente steven_twente is offline
Junior Member
 
Join Date: Sep 2006
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default [SSL] Browser reports error

Hi guys,

First, let me once again say that I love your software and your support!

I have a small problem with generating the ISPConfig SSL certificate..
Generating the certificate itself works just fine and when I direct my browser to https://mydomain.net:81 the browser presents me with an error stating that the certificate is not signed by an official CA etc. This is normal because the certificate is self-signed. But then the browser presents me with a second error, now stating that the domain of the certificate does not match the domain I tried to access. It says the domain the certificate is assigned to is "" (blank). Is there a way to fix this? I already tried re-generating the certificate using the commands specified earlier in this thread.

**EDIT:**
Ok, I (partially) managed to solve the problem. It seems that the 'Common name' is the one that I should fill in properly in order to correct the error. Sorry if this is obvious to you guys :P But, when I tried to connect to my mailuser login and I got the same error.
That is, if I connected to https://www.mydomain.net:81 I got no error stating that my domains do not match, but if I connected to https://www.mydomain.net:81/mailuser I did get an error stating the domains do not match.

I found out that if I change the common name to mydomain.net (without the www) and I direct my browser to http://mydomain.net:81/mailuser it all goes well. I suppose the problem lies in the fact that I initially chose my FQDN to be mydomain.net instead of www.mydomain.net thus making ISPConfig 'internally' redirect requests to http://mydomain.net:81/mailuser instead of http://www.mydomain.net:81/mailuser. Does this sound sensible? Anyway, I think I'm happy the way it is now So thanks again for the great howto's and ISPConfig!

Greets, Steven
- The Netherlands

Last edited by steven_twente; 9th December 2007 at 01:07.
Reply With Quote
  #93  
Old 9th December 2007, 02:56
steven_twente steven_twente is offline
Junior Member
 
Join Date: Sep 2006
Posts: 15
Thanks: 0
Thanked 0 Times in 0 Posts
Default Courier SSL certificate

Hi
*See post above..*
Just a small question about the courier SSL certificate.. (I hope this is the right thread to post this.) As you can see from my post above I managed to re-generate the SSL certificates for ISPConfig. Thanks to the 'perfect setup' howto for ubuntu 7.10 I also managed to do this for the postfix SSL certificate, which was also giving me an error about non-matching domains. It all works very smoothly now, except for the Courier pop3-ssl server. Since that SSL certificate is auto-generated by courier upon installation I don't know how to modify it in order to get matching domains. In fact, all I want to do is change the 'Common name' setting of the certificate. To do this I suppose I need to regenerate the certificate for courier. Does anyone know a way to do this without messing up anything?

**EDIT:**
Ok, I also managed to solve this one. Sorry for these self-answered posts, but I'm posting them anyway in case someone else is having the same problem. In order to get the Courier pop3 SSL certificate working I did the following:

(WARNING! This worked for me, I am not sure it will work for everyone. I am running an Ubuntu 7.10 'perfect server', installed using the Perfect Server Howto found here. If you are running something else, at least check the paths before trying this. Also, I am not aware of any nasty side-effects. For me there don't seem to be any.)

- First edit the file '/etc/courier/pop3d.cnf' This contains the defaults used by mkpop3dcert (the tool used by courier to create a self-signed certificate).
Code:
# vim /etc/courier/pop3d.cnf
- Then re-generate the .pem file using mkpop3dcert. (Perhaps it is wise to backup the original first..)
Code:
# cd /usr/lib/courier
# cp pop3d.pem pop3d.pem-orig
# mkpop3dcert
(As you can see I did not add './' to the mkpop3dcert command. It seems to be in my path..)
- Next we copy the new .pem to the dir used by courier. (I also backup the original first..)
Code:
# cp /etc/courier/pop3d.pem /etc/courier/pop3d.pem-orig
# cp /usr/lib/courier/pop3d.pem /etc/courier/pop3d.pem
- And make sure the permissions are correct.
Code:
# chmod 600 /etc/courier/pop3d.pem
- Finally reload the courier ssl server.
Code:
# /etc/init.d/courier-pop-ssl force-reload
Greets, Steven

Last edited by steven_twente; 9th December 2007 at 13:50. Reason: Solution found
Reply With Quote
  #94  
Old 27th February 2008, 01:55
ubuntulinux ubuntulinux is offline
Junior Member
 
Join Date: Feb 2008
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default Cannot log in! Could not connect to MySQL server

openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key


I did this and I could get in ISPConfig and login with admin to.

Then I JUST RESTARTED the pc and i can no longer login!! It shows this errors on the page:


Warning: mysql_connect() [function.mysql-connect]: Can't connect to MySQL server on '127.0.0.1' (4) in /home/admispconfig/ispconfig/lib/classes/ispconfig_db_mysql.lib.php on line 77

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'admispconfig'@'localhost' (using password: NO) in /home/admispconfig/ispconfig/web/login/login.php on line 40

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/admispconfig/ispconfig/web/login/login.php on line 40

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'admispconfig'@'localhost' (using password: NO) in /home/admispconfig/ispconfig/web/login/login.php on line 41

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/admispconfig/ispconfig/web/login/login.php on line 41

Warning: Cannot modify header information - headers already sent by (output started at /home/admispconfig/ispconfig/lib/classes/ispconfig_db_mysql.lib.php:77) in /home/admispconfig/ispconfig/web/login/login.php on line 60



I tried to restart ISPConfig but it says this:


root@linuxsrv:~# /etc/init.d/ispconfig_server restart
Shutting down ISPConfig system...
/root/ispconfig/httpd/bin/apachectl stop: httpd stopped
ISPConfig system stopped!
Starting ISPConfig system...
/root/ispconfig/httpd/bin/apachectl startssl: httpd started
Could not connect to MySQL server!ISPConfig system is now up and running!


WHAT CAN I DO? Please help me.

Thank you.
Reply With Quote
  #95  
Old 27th February 2008, 08:25
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,197
Thanks: 829
Thanked 5,420 Times in 4,262 Posts
Default

Please start the mysql server:

/etc/init.d/mysql start

or

/etc/init.d/mysqld start
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #96  
Old 27th February 2008, 11:13
ubuntulinux ubuntulinux is offline
Junior Member
 
Join Date: Feb 2008
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default Still cannot login in ISPConfig

root@linuxsrv:~# /etc/init.d/mysql start
* Starting MySQL database server mysqld [ OK ]

I did that but it remains the same. :S

I still cannot login in ISPConfig. The first time i logged in everything went fine. I just shutdown my system and then i turned it on and the ISPConfig simply doesn't allow any login.

Here are the errors again when i try to log in:


Warning: mysql_connect() [function.mysql-connect]: Can't connect to MySQL server on '127.0.0.1' (4) in /home/admispconfig/ispconfig/lib/classes/ispconfig_db_mysql.lib.php on line 77

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'admispconfig'@'localhost' (using password: NO) in /home/admispconfig/ispconfig/web/login/login.php on line 40

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/admispconfig/ispconfig/web/login/login.php on line 40

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: Access denied for user 'admispconfig'@'localhost' (using password: NO) in /home/admispconfig/ispconfig/web/login/login.php on line 41

Warning: mysql_real_escape_string() [function.mysql-real-escape-string]: A link to the server could not be established in /home/admispconfig/ispconfig/web/login/login.php on line 41

Warning: Cannot modify header information - headers already sent by (output started at /home/admispconfig/ispconfig/lib/classes/ispconfig_db_mysql.lib.php:77) in /home/admispconfig/ispconfig/web/login/login.php on line 60

What is going on? :S
Please help me.
Thank you
Reply With Quote
  #97  
Old 28th February 2008, 18:59
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

What's the name of the MySQL user you're using in /home/admispconfig/ispconfig/lib/config.inc.php? Should be root.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #98  
Old 12th March 2009, 11:29
matey matey is offline
Member
 
Join Date: Feb 2009
Posts: 93
Thanks: 13
Thanked 3 Times in 3 Posts
Thumbs up

Excellent thread.
Thanks to everyone for questions and answers, (I cant believe I read the whole thing, even most of the error codes)!
This reminds me of the nightmare I went thru last year with expired certs. I wished I was here back then.
Reply With Quote
  #99  
Old 3rd August 2009, 18:41
odcheck odcheck is offline
Junior Member
 
Join Date: Aug 2008
Posts: 7
Thanks: 2
Thanked 0 Times in 0 Posts
Smile

Quote:
Originally Posted by falko View Post
Try this:

Code:
openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key
Restart ISPConfig afterwards.
I guess this happens a lot of times :-) That people have got special chars in their passwords which will cause that.

Thanks again Falko
Reply With Quote
  #100  
Old 11th November 2009, 15:05
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
 
Default

Quote:
Originally Posted by seo4ssl View Post
How do we get rid of 446 in the url.
That's not possible because 446 is not the default port.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 20:41.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.