Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 27th May 2007, 18:19
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 220
Thanks: 11
Thanked 10 Times in 10 Posts
Default SSL Setup Question

Hi,

I've purchased an SSL Cert from Godaddy, created the key and csr files, and downloaded my cert. All that is fine. Now, I don't know what to do next. What needs to be done in the ISPC admin panel to setup the new cert on an existing site? Where does the cert need to be placed on the server?

Thanks.

Brian
Reply With Quote
Sponsored Links
  #2  
Old 28th May 2007, 14:09
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,421
Thanks: 812
Thanked 5,205 Times in 4,081 Posts
Default

Copy and paste the certificate to the certificate field in ISPConfig of this website, select save as action and the click on the save button
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 28th May 2007, 16:54
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,721 Times in 2,562 Posts
Default

Also take a look here: http://www.howtoforge.com/faq/14_49_en.html
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 28th May 2007, 21:31
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 220
Thanks: 11
Thanked 10 Times in 10 Posts
Default

Thanks for the help, guys. The site shows a generic error page in IE. In Firefox, I get an error code 12263 SSL_ERROR_RX_RECORD_TOO_LONG message.

Any ideas?
Reply With Quote
  #5  
Old 29th May 2007, 14:32
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,721 Times in 2,562 Posts
Default

Any errors in the Apache logs?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #6  
Old 29th May 2007, 15:27
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 220
Thanks: 11
Thanked 10 Times in 10 Posts
Default

The only thing in the (Apache2) error log was this...

[Mon May 28 14:47:08 2007] [notice] Apache/2.2.3 (Debian) PHP/5.2.0-8+etch4 mod_ssl/2.2.3 OpenSSL/0.9.8c configured -- resuming normal operations

And that wasn't even when I tried to access the site in question. There are several of those same messages in the error log.

There were no errors in the /var/log/httpd/ logs.

One other thing...should the Vhosts file for this domain have any SSL comments in it...or does that go someplace else? This is the Vhosts section of this domain:

Quote:
######################################
# Vhost: www.mydomain.com:80
######################################
#
#
<VirtualHost 192.168.1.4:80>
<Directory "/var/www/web4/web">
Options FollowSymLinks
AllowOverride All
</Directory>
ServerName www.mydomain.com:80
ServerAdmin webmaster@mydomain.com
DocumentRoot /var/www/web4/web
ServerAlias mydomain.com
DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
ErrorLog /var/www/web4/log/error.log
AddType application/x-httpd-php .php .php3 .php4 .php5
php_admin_flag safe_mode Off
Alias /error/ "/var/www/web4/web/error/"
ErrorDocument 400 /error/invalidSyntax.html
ErrorDocument 401 /error/authorizationRequired.html
ErrorDocument 403 /error/forbidden.html
ErrorDocument 404 /error/fileNotFound.html
ErrorDocument 405 /error/methodNotAllowed.html
ErrorDocument 500 /error/internalServerError.html
ErrorDocument 503 /error/overloaded.html
AliasMatch ^/~([^/]+)(/(.*))? /var/www/web4/user/$1/web/$3
AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web4/user/$1/web/$3
</VirtualHost>
#
#
#

Last edited by bschultz; 29th May 2007 at 15:30.
Reply With Quote
  #7  
Old 29th May 2007, 17:24
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 220
Thanks: 11
Thanked 10 Times in 10 Posts
Default

I did some further testing (and Googling) and I manually added a separate Vhosts entry for the site at port 443

Quote:
######################################
# Vhost: domain.com:443
######################################
#
#
<VirtualHost 192.168.1.4:443>
<Directory "/var/www/web4/web/ssl">
Options FollowSymLinks
AllowOverride All
</Directory>
SSLEngine on
SSLCertificateFile /certificates/domain.com.crt
SSLCertificateKeyFile /certificates/domain.com.key
ServerName domain.com:443
ServerAdmin webmaster@domain.com
DocumentRoot /var/www/web4/web/ssl
ServerAlias https://domain.com
DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
ErrorLog /var/www/web4/log/error.log
AddType application/x-httpd-php .php .php3 .php4 .php5
php_admin_flag safe_mode Off
Alias /error/ "/var/www/web4/web/error/"
ErrorDocument 400 /error/invalidSyntax.html
ErrorDocument 401 /error/authorizationRequired.html
ErrorDocument 403 /error/forbidden.html
ErrorDocument 404 /error/fileNotFound.html
ErrorDocument 405 /error/methodNotAllowed.html
ErrorDocument 500 /error/internalServerError.html
ErrorDocument 503 /error/overloaded.html
AliasMatch ^/~([^/]+)(/(.*))? /var/www/web4/user/$1/web/$3
AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web4/user/$1/web/$3
</VirtualHost>
#
#
#
I restarted Apache, entered the pass phrase and Apache restarted without errors. I then logged on the https site, and got to the https directory...but, I encountered a certificate error.

Quote:
Unable to verify the identity of domain.com as a trusted site. Possible reasons for this error:
-your browser does not recognize the CA that issued the cert...
-the site's cert is incomplete due to a server misconfiguartion
-you are connected to a site pretending to be domain.com...
This error shows up in Firefox and Safri on a Mac...but not in IE. So, I have three questions:

1-Why the error in Firefox (PC) and Safari (Mac) and not IE (PC)?
2-Will the Vhosts config "stay" after an ISPConfig upgrade
3-Is there any way to not have to enter the pass phrase on reboot of Apache?

Thanks for all the help!

Brian

Last edited by bschultz; 29th May 2007 at 17:32.
Reply With Quote
  #8  
Old 30th May 2007, 16:45
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,721 Times in 2,562 Posts
Default

Quote:
Originally Posted by bschultz
One other thing...should the Vhosts file for this domain have any SSL comments in it...or does that go someplace else? This is the Vhosts section of this domain:
When you enable SSL on the Basis tab of the web site in ISPConfig, there should be a second vhost that contains the SSL settings. If you don't see that second vhost: can you post the
Code:
ls -l
output of the directory where Vhosts_ispconfig.conf is in?
What's the output of
Code:
ls -la /root/ispconfig
?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #9  
Old 30th May 2007, 16:52
bschultz bschultz is offline
Senior Member
 
Join Date: Jul 2006
Posts: 220
Thanks: 11
Thanked 10 Times in 10 Posts
Default

Thanks Falko...here they are:

Quote:
mail:~# ls -l /etc/apache2/vhosts
total 48
-rw-r--r-- 1 root root 6291 2007-05-29 09:10 Vhosts_ispconfig.conf
-rw-r--r-- 1 root root 4989 2007-05-29 06:28 Vhosts_ispconfig.conf~
-rw-r--r-- 1 root root 5215 2007-05-27 15:50 Vhosts_ispconfig.conf_27-05-07_15-50-35
-rw-r--r-- 1 root root 5213 2007-05-27 15:53 Vhosts_ispconfig.conf_27-05-07_15-53-38
-rw-r--r-- 1 root root 5213 2007-05-27 15:57 Vhosts_ispconfig.conf_27-05-07_15-57-27
-rw-r--r-- 1 root root 5213 2007-05-27 15:57 Vhosts_ispconfig.conf_27-05-07_15-57-50
mail:~#

Quote:
mail:~# ls -la /root/ispconfig
total 100
drwxr-xr-x 9 root root 4096 2007-05-29 06:28 .
drwxr-xr-x 6 root root 4096 2007-05-21 15:47 ..
-rwxr-xr-x 1 root root 34862 2007-05-21 15:47 cronolog
-rwxr-xr-x 1 root root 9673 2007-05-21 15:47 cronosplit
drwxr-xr-x 12 root root 4096 2007-05-21 15:31 httpd
drwxr-xr-x 14 root root 4096 2007-05-21 15:47 isp
-rw-r--r-- 1 root root 8 2007-05-29 06:28 .old_path_httpd_root
drwxr-xr-x 6 root root 4096 2007-05-21 15:30 openssl
drwxr-xr-x 6 root root 4096 2007-05-21 15:47 php
drwxr-xr-x 4 root root 4096 2007-05-21 15:47 scripts
drwxr-xr-x 4 root root 4096 2007-05-21 15:47 standard_cgis
drwxr-xr-x 2 root root 4096 2007-05-21 15:47 sv
-rwx------ 1 root root 9389 2007-05-21 15:47 uninstall
mail:~#
Reply With Quote
  #10  
Old 31st May 2007, 14:13
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,721 Times in 2,562 Posts
 
Default

Ok, can you rename one of those Vhosts_ispconfig.conf files that have a date at the end to Vhosts_ispconfig.conf and run
Code:
httpd -t
? What's the output?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
New Setup Question using Debian ISPConfig Rocky Installation/Configuration 1 28th February 2007 19:00
Question about the The Perfect Setup - Debian Sarge (3.1) page 3 paulley Installation/Configuration 2 1st December 2006 01:33
SSL Setup In ISPConfig asyadiqin Installation/Configuration 1 6th August 2006 13:18
perfect setup suse 10 - phpmyadmin & mysql question reddog Server Operation 7 17th June 2006 12:59
mail server setup question paulley Installation/Configuration 22 14th June 2006 01:38


All times are GMT +2. The time now is 23:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.