Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #81  
Old 29th July 2007, 19:46
daveb daveb is offline
Senior Member
 
Join Date: Dec 2006
Location: St Louis Mo
Posts: 272
Thanks: 43
Thanked 41 Times in 37 Posts
Default

Sounds like you are pressing Y "yes" instead of N "no" during step 7 and 8 of ssl certificate creation which encrypt's the private key. You will always be asked for a password whenever you want to restart your ispconfig system if the private key is encrypted.
Reply With Quote
Sponsored Links
  #82  
Old 29th July 2007, 21:05
greenhornet greenhornet is offline
Junior Member
 
Join Date: Jul 2007
Posts: 15
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by daveb
Sounds like you are pressing Y "yes" instead of N "no" during step 7 and 8 of ssl certificate creation which encrypt's the private key. You will always be asked for a password whenever you want to restart your ispconfig system if the private key is encrypted.

There is no step 7 in the key regen that Falko posted unless I'm missing something. I think I did select that option originally yes, but now I need to undo it which is what I thought the instructions on page 1 were for.
Reply With Quote
  #83  
Old 30th July 2007, 10:41
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,788
Thanks: 840
Thanked 5,612 Times in 4,423 Posts
Default

Please recreate the SSL certificate as described here:

http://www.howtoforge.com/forums/sho...t=firefox+8182
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #84  
Old 30th July 2007, 16:34
greenhornet greenhornet is offline
Junior Member
 
Join Date: Jul 2007
Posts: 15
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till
Please recreate the SSL certificate as described here:

http://www.howtoforge.com/forums/sho...t=firefox+8182
It doesn't make any difference. I'm still being prompted for a password on restart of ISPconfig. Are we SURE that recreating the SSL cert will change the option to not ask for a password on startup of ISPconfig?
Reply With Quote
  #85  
Old 30th July 2007, 16:54
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,042
Thanks: 269
Thanked 154 Times in 133 Posts
Default

Quote:
Originally Posted by greenhornet
It doesn't make any difference. I'm still being prompted for a password on restart of ISPconfig. Are we SURE that recreating the SSL cert will change the option to not ask for a password on startup of ISPconfig?
From the install instructions:
Quote:
In step 7 ("Encrypting RSA private key of CA with a pass phrase for security [ca.key]")and step 8 ("Encrypting RSA private key of SERVER with a pass phrase for security [server.key]") of the certificate creation process you are asked if you want to encrypt the respective key now. Choose n there because otherwise you will always be asked for a password whenever you want to restart the ISPConfig system which means it cannot be restarted without human interaction!


I think that they are sure.
__________________
Never execute code written on a Friday or a Monday.
Reply With Quote
  #86  
Old 30th July 2007, 16:58
greenhornet greenhornet is offline
Junior Member
 
Join Date: Jul 2007
Posts: 15
Thanks: 1
Thanked 0 Times in 0 Posts
Default

I'm not getting to any of those steps when I change the cert. I'm only getting prompted for the typical cert stuff (ie. country code, state, etc).
Reply With Quote
  #87  
Old 30th July 2007, 18:28
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

Is this what you did?
http://www.howtoforge.com/forums/sho...58&postcount=4
Maybe you made a typo somewhere.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #88  
Old 30th July 2007, 18:35
greenhornet greenhornet is offline
Junior Member
 
Join Date: Jul 2007
Posts: 15
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by falko
Is this what you did?
http://www.howtoforge.com/forums/sho...58&postcount=4
Maybe you made a typo somewhere.
I've done this 5 times. I'm POSITIVE I did not typo. Here's my exact entry (with my password changed):

openssl genrsa -des3 -passout pass:xxxxxxx -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:xxxxxxx -passout pass:xxxxxxx -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:xxxxxxx -passout pass:xxxxxxx -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:xxxxxxx -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key
Reply With Quote
  #89  
Old 30th July 2007, 21:25
daveb daveb is offline
Senior Member
 
Join Date: Dec 2006
Location: St Louis Mo
Posts: 272
Thanks: 43
Thanked 41 Times in 37 Posts
Default

if greenhornet has
Code:
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key
wouldnt he have to at least
Code:
chmod 600 /root/ispconfig/httpd/conf/ssl.key/server.key
before he tried to create a new cert so it could be rewrote ?
Reply With Quote
  #90  
Old 31st July 2007, 15:21
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
 
Default

Quote:
Originally Posted by greenhornet
I've done this 5 times. I'm POSITIVE I did not typo. Here's my exact entry (with my password changed):

openssl genrsa -des3 -passout pass:xxxxxxx -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
openssl req -new -passin pass:xxxxxxx -passout pass:xxxxxxx -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
openssl req -x509 -passin pass:xxxxxxx -passout pass:xxxxxxx -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
openssl rsa -passin pass:xxxxxxx -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key
Did you run the commands one-by-one instead of all at once? Did you accept all default values?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
greenhornet (31st July 2007)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 01:13.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.