Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Developers' Forum

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 31st October 2008, 23:51
kalua kalua is offline
Member
 
Join Date: Oct 2008
Posts: 30
Thanks: 3
Thanked 0 Times in 0 Posts
Question ISPC3 https vhosts missing

Hello,

I just installed ISPConfig from svn and I try to setup secure websites over https. Its an Debian etch server. The setup run through without errors.

Therefore I created a site and enabled the ssl checkbox in the domain tab. Then I head over to the ssl tab, put in state, organisation an country code and choose "Create Certificate". I clicked on save and was forwarded to the "Websites page". There were no error messages.

There is an domainname.vhost file created in /etc/apache2/sites-available, but that is just for port 80 not 443.
Shouldn't there be an config section for a vhost at *:443 ?
I tried both, the ipaddress and * as value for ipadress in domain tab... that made no difference.

Also, the apache-server wasn't listening on port 443, I had to enable this manually.

Is it possible to configure https with ISPC3?
Did I miss some required configs?
Can I create the necessary certificates with ISPC3?
I also would need certificates for the email server setup, but this is another topic.

I would appreciate some help...
Reply With Quote
Sponsored Links
  #2  
Old 1st November 2008, 12:17
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts
Default

The last time I tested this it worked for me. We cann add it to the buftracker for review.

Quote:
Is it possible to configure https with ISPC3?
yes.

Quote:
Did I miss some required configs?
Looks ok.

Quote:
Can I create the necessary certificates with ISPC3?
yes.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 1st November 2008, 12:30
kalua kalua is offline
Member
 
Join Date: Oct 2008
Posts: 30
Thanks: 3
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by till View Post
The last time I tested this it worked for me. We cann add it to the buftracker for review.
If I can help at this point, please tell me.
I'm on a clean server. Maybe I'll try the 3.0.0.7 instead of svn...
There is also no logfile for ispconfig. It wasn't created during install and if I touch /var/log/ispconfig/ispconfig.log it doesn't get filled. Ok, this could also tell me that everything is fine...
Reply With Quote
  #4  
Old 1st November 2008, 14:30
kalua kalua is offline
Member
 
Join Date: Oct 2008
Posts: 30
Thanks: 3
Thanked 0 Times in 0 Posts
Default

Now I tried the current svn version (r508) at an virtual machine.

I followed the INSTALL_DEBIAN_4.0.txt and got everything running so I can login to the admin frontend.

There I put in the IP at system->edit server ip
and checked "HTTP NameVirtualHost" although I don't know what this setting triggers.

Then I created a client, gave him the ability to create shell/ftp user and databases.
after that I created a site (with admin still logged in), put domainname and ip address in and checked ssl box.

But there is no vhost config for the https site nor is apache listening on port 443

What is the procedure to enable or generate the ssl certificates?
I put in my settings in the ssl tab (locality, country,... ) and choose "create certificate".
Should I see something after hitting save?
Should there be an ssl request?
Or could I simply paste an certificate at the ssl certificate box?
Well, I also tried this, but nothing happend.

I would really like to handle the http/https websites with ispconfig 3. So if I can gave further settings or logfiles to get this solved give me a sign.
Reply With Quote
  #5  
Old 1st November 2008, 23:27
kalua kalua is offline
Member
 
Join Date: Oct 2008
Posts: 30
Thanks: 3
Thanked 0 Times in 0 Posts
Default

The creation of certificates seems not to work properly. I'm not sure why, but the csr, crt and key file is not created in the ssl directory.

I had to manually create the files, put them in to the ssl directory, trigger ssl enable event to get the ssl vhost config written.

I also had to anable apache to listen on port 443.
I wasn't sure if apache got restartet, so I did it by hand.

After that I finally can connect through https.

The certificate is not displayed on the ssl tab.


I hope this helps somebody... After playing in a virtual machine, now I can setup https on the "real" machine
Reply With Quote
  #6  
Old 2nd November 2008, 03:45
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
Default

kalua,

First off thanks for reporting the issue. If you're willing to stick around and test things I'm sure we can fix the issue.

So, what steps(in detail please) did you have to take to get it working? (it's possible ISPConfig 3 is just missing a few steps in the process).

Also, you said the ssl cert wasn't being created properly. Could you test this again? just to double check? and if it still isn't being created properly, could you try to create one and see if everything works just find after it's created?(if it's just a matter of the cert isn't created or moved properly, but everything else works, then the bug fix should be rather simple.)

Thanks again. Let us know if you find any other bugs.

p.s. Do you have a bugtracker account yet? to http://bugtracker.ispconfig.org/
Reply With Quote
  #7  
Old 2nd November 2008, 12:21
kalua kalua is offline
Member
 
Join Date: Oct 2008
Posts: 30
Thanks: 3
Thanked 0 Times in 0 Posts
Default

I did a test on a clean virtual machine again by following INSTALL_DEBIAN_4.0.txt

I found out what I did wrong. In the ssl tab there are the following 5 fields:
-State
-Locality
-Organisation
-Organisation Unit
-Country

In my first setup I left Organisation Unit empty so no certificate got created. So the ISPConfig code is working, no modification needed. Maybe its possible to mark necessary field somehow, but that would be just an optical change.

But even the vhost for ssl ist now created, I had to enable apache to listen on port 443. This wasn't done by the script.

Ohh... I found an typo in the certificate email: webmatser@domain.tld


I'm sorry if I confused someone. Great work so far!
Reply With Quote
  #8  
Old 2nd November 2008, 12:26
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
Default

kalua, I believe what you found was very helpful. You found a bug that ISPConfig 3 doesn't 'force' users to give required information. That in itself is big. Just think of how many developer hours you just saved trying to find the bug you talked about.... :-D

I'll look into why port 443 isn't enabled on install.

Kalua, happy bug hunting.
Reply With Quote
  #9  
Old 2nd November 2008, 12:28
kalua kalua is offline
Member
 
Join Date: Oct 2008
Posts: 30
Thanks: 3
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by quentusrex View Post
kalua,

p.s. Do you have a bugtracker account yet? to http://bugtracker.ispconfig.org/
I registered but I'm not able to comment tickets.
Reply With Quote
  #10  
Old 2nd November 2008, 12:32
quentusrex quentusrex is offline
Senior Member
 
Join Date: May 2008
Posts: 174
Thanks: 6
Thanked 11 Times in 7 Posts
 
Default

Post your bugtracker username. Then just wait for Till to enable that for you. (I would if I could).

Kalua, would you be able to take a look at tracking down some of the other bugs that are posted? Or atleast see if you can recreate them? That'd be a big help.
Reply With Quote
Reply

Bookmarks

Tags
https, ispconfig3, ssl, vhost

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig: from http to https & from https to http Hans Tips/Tricks/Mods 13 13th March 2013 00:22
Backuppc : ssh always ask for password Trollineto Installation/Configuration 11 28th March 2008 15:09
ISPConfig on a RaQ2 mattm Installation/Configuration 12 23rd January 2008 19:17
required modules missing etag1949 Installation/Configuration 2 2nd June 2006 15:13
Help....package missing sbovisjb1 Installation/Configuration 3 31st March 2006 12:14


All times are GMT +2. The time now is 15:12.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.