Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 8th June 2007, 19:11
chuckl chuckl is offline
Senior Member
 
Join Date: May 2007
Location: Uxbridge, Middlesex, UK
Posts: 166
Thanks: 1
Thanked 20 Times in 20 Posts
Default

I know Till, it's a copy of the ispconfig created stuff. I only have one IP, a router that will only allow 1 DMZ machine and IP, several domains on that IP that need SSL, and an ISP that wants ridiculous amounts of money per additional IP. So it was easiest to create a subjectAltName certificate, disable the SSL in the ispconfig control panel, and add them manually, duplicating what ispconfig would have done.
Reply With Quote
Sponsored Links
  #12  
Old 8th June 2007, 19:15
isalandr isalandr is offline
Junior Member
 
Join Date: Jun 2007
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Default

okay, i'm a little confused. i see what you're referring to, but i'm lost on the apache2.conf thing. ours is SLES10, and we have httpd.conf in /etc/apache2. is apache2.conf in your system the same as httpd.conf in ours?

as for that ispconfig-created SSL entry stuff, when i click the enable SSL checkbox under ispconfig, it does NOT create an entry like that in vhosts. i'm not sure what it *does* do, but what you show is definitely not it.

i can add in manually the SSL stuff that you show, if that will work. that still doesn't help me identify where apache is loading any other SSL or RSA information. in order to make SSL work with a given virtual host, i need that "SSLEnable On" statement in the vhost definition. if i enter that statement, i get the "Multiple RSA server certificates not allowed" error. for me, i think the first order of business is to identify what's causing that if possible. any suggestions?
Reply With Quote
  #13  
Old 8th June 2007, 19:23
ZuG ZuG is offline
Junior Member
 
Join Date: Jun 2007
Posts: 3
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Hey, I'm also working on this particular server. We tried changing the *443 reference to IP:443. Same error.
Reply With Quote
  #14  
Old 8th June 2007, 19:36
isalandr isalandr is offline
Junior Member
 
Join Date: Jun 2007
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Default

okay, i'm not any closer to solving this than i was.

i can connect to the server on port 443, using regular http, and it delivers the page it's supposed to deliver with SSL. i understand it's not supposed to do that. if i use https, i get this error: "[error] [client xx.xx.xx.xx] Invalid method in request \x80+\x01\x03\x01" and the page won't load.

that's without the statement SSLEngine On in the vhost reference. if i enable the SSLEngine On, i get "[error] Init: Multiple RSA server certificates not allowed".

both of these errors occur whether i have Listen 443 https in listen.conf or just listen 443. i'm very confused about the whole thing now. what are we doing wrong?
Reply With Quote
  #15  
Old 8th June 2007, 19:38
mlz mlz is offline
Senior Member
 
Join Date: Dec 2006
Posts: 189
Thanks: 16
Thanked 9 Times in 9 Posts
Default

Just a thought, have you tried to do a grep 443 * in your apache (system httpd) config directory? Also check any includes that are outside of the directory.
Reply With Quote
  #16  
Old 8th June 2007, 19:41
chuckl chuckl is offline
Senior Member
 
Join Date: May 2007
Location: Uxbridge, Middlesex, UK
Posts: 166
Thanks: 1
Thanked 20 Times in 20 Posts
Default

is apache2.conf in your system the same as httpd.conf in ours?


I would imagine so, I'm a Debian/Ubuntu type, so I'm not used to anything but the apache2.conf.
I think you should check your existing httpd.conf and vhosts_ispconfig.conf for any references to port 443, as well as sites-enabled files particularly ssl (crosses fingers and hopes SLES has a sites-enabled folder) for an SSLEngine On and certificate defines. There is often a default Apache define in there.
Reply With Quote
  #17  
Old 8th June 2007, 20:13
isalandr isalandr is offline
Junior Member
 
Join Date: Jun 2007
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Default

okay, i think i found an additional problem, i'm not positive, but i thought i'd mention it here and see what you think.

the version of Apache is 2.2.3-16.2, and i *think* it has SSL statically linked in from the original rpm. but at the same time, it looks like it's also calling mod_ssl as a DSO. so. if that's true. how do i fix it?

could this be the source of the multiple RSA error message we get when we try to use SSLEngine On?
Reply With Quote
  #18  
Old 8th June 2007, 22:05
chuckl chuckl is offline
Senior Member
 
Join Date: May 2007
Location: Uxbridge, Middlesex, UK
Posts: 166
Thanks: 1
Thanked 20 Times in 20 Posts
Default

I'd certainly believe that could do it. An httpd -l should give you a list of the static modules.
If so, would disabling the DSO cause it to work? Might be worth a quick a2dismod mod_ssl to check, before starting any rebuilds/recompiles?
Afraid I'm on Apache 2.0.55, so also not aware of any 2.2.2 vagaries.
Reply With Quote
  #19  
Old 16th November 2007, 15:53
jbravo jbravo is offline
Member
 
Join Date: Nov 2007
Location: Poland
Posts: 81
Thanks: 12
Thanked 3 Times in 2 Posts
 
Default

I've seen this problem by myself with trying to get ServerView management SSL working on my test SLES10 server. Had same errors.

And i couldn't find solution - then installed apache2 cocnfig files from old sles9 and... problem disappeard
So it is something with default ssl/vhost config in SLES10.

Now server is reinstalled with opensuse10.* perfect setup (but with SLES10 SP1) and SSL on my apache2 works without problem.

GreetZ .:JbRaVo:.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Not all virtual hosts work - ispconfig/apache dmtrotter Server Operation 6 30th January 2007 11:45


All times are GMT +2. The time now is 10:14.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.