I deleted the certificates and made sure that /var/www/web#/ssl was empty. Then used ispconfig to generate a new csr and used that to rekey the GoDaddy cert. Uploaded the two files from GoDaddy's download: sf_bundle.crt and my.domain.com.crt into the web's ssl folder. Added the intermediate file directive to Apache directives:
Now, when I restart apache2 I get:
root@m2a74am-vm1:/# /etc/init.d/apache2 restart
* Restarting web server apache2
apache2: Syntax error on line 340 of /etc/apache2/apache2.conf: Could not open configuration file /etc/apache2/vhosts/Vhosts_ispconfig.conf: No such file or directory
and yes, there is no such file, only older versions:
root@m2a74am-vm1:/etc/apache2# ls vhosts
Since there were definitely no changes from the most recent file, and it contained the correct directives and certificate file names, I copied it to Vhosts_ispconfig.conf. Now Apache2 started successfully.
Question: where did the Vhosts_ispconfig.conf file go? It apparently was not re-created at a juncture when modifying the site configuration.
SSL is now up on the webmail site; the other sites are running as well. So, problem solved.
Diagnosis: The intermediate file is required for the GoDaddy cert.
The steps I ended up following to get SSL re-keying with GoDaddy to work in this one site (this is not
ssl for the ispconfig admin site on :81) were:
- Enter the directive
into the Apache Directives window on the Basis tab.
- Note the exact country, region, etc. in the original request.
- Delete the existing certificates with the Delete Certificates operation in the ispconfig panel.
- Make sure that /var/www/web##/ssl was emply.
- Generate a new csr using the same country, region, etc. as the original.
- From a terminal, cat and then copy the certificate request, paste it into the re-key window from GoDaddy, and the download the rekeyed certificate files.
- Unzip and transfer the new crt files to /var/www/web##/ssl
- Restart apache2