Navigation

vlados · #1 20th December 2010, 23:01

Hi,
I tried to use the SSL feature in the control panel for one site, but when I import the cert and give action Save certficate ... nothing happens.
https://domain.com not reposnd and in the vhost there is not *:443.
What to do?

till · #2 20th December 2010, 23:15

First you have to create a new certificate in ispconfig. Then take the csr thats was created by ispconfig and let it sign by a ssl authority. Then copy the cert that you got back in the ssl cert field and select save as action.

By the way, thats all described in detail in the manual and several posts here in the forum :-)

vlados · #3 20th December 2010, 23:21

yes, I did all this

till · #4 21st December 2010, 11:57

And the ssl site workked after you created the cert and stopped working as you imported the signed cert?

vlados · #5 24th December 2010, 00:43

Quote:

Originally Posted by till

And the ssl site workked after you created the cert and stopped working as you imported the signed cert?

No, the apache vhosts file didnt have :443 directive at all. When I make changes in the ispconfig panel to the ssl section it didn't update the file....

vlados · #6 30th January 2011, 00:07

So I found that when apache tries to restart it returns an error, but I can't find what is

30.01.2011-01:02 - WARNING - Apache did not restart after the configuration change for website tipswins.com Reverting the configuration. Saved non-working config as /etc/apache2/sites-available/tipswins.com.vhost.err

Code:

<VirtualHost *:80>
      DocumentRoot /var/www/tipswins.com/web
  
    ServerName tipswins.com
    ServerAlias *.tipswins.com
    ServerAdmin support@netlabs.bg

    ErrorLog /var/log/ispconfig/httpd/tipswins.com/error.log


    ErrorDocument 400 /error/400.html
    ErrorDocument 401 /error/401.html
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 405 /error/405.html
    ErrorDocument 500 /error/500.html
    ErrorDocument 503 /error/503.html
	
    <Directory /var/www/tipswins.com/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/client2/web47/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>


    # Clear PHP settings of this website
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler None
    </FilesMatch>
    # php as fast-cgi enabled
    <IfModule mod_fcgid.c>
      
	  # SocketPath /tmp/fcgid_sock/
	  
	  # IdleTimeout n (3600 seconds)
	  # An idle fastcgi application will be terminated after IdleTimeout seconds.
      IdleTimeout 3600
	  
	  # ProcessLifeTime n (7200 seconds)
      # A fastcgi application will be terminated if lifetime expired, even no error is detected.
      ProcessLifeTime 7200
	  
	  # MaxProcessCount n (1000)
      # The max count of total fastcgi process count.
      # MaxProcessCount 1000
      
	  # DefaultMinClassProcessCount n (3)
      # The minimum number of fastcgi application instances for any one fastcgi application.
      # Idle fastcgi will not be killed if their count is less than n
      # Set this to 0, and tweak IdleTimeout
	  DefaultMinClassProcessCount 0
	  
	  # DefaultMaxClassProcessCount n (100)
      # The maximum number of fastcgi application instances allowed to run for
      # particular one fastcgi application.
      DefaultMaxClassProcessCount 100
	  
	  # IPCConnectTimeout n (3 seconds)
      # The connect timeout to a fastcgi application.
      IPCConnectTimeout 8
	  
	  # IPCCommTimeout n (20 seconds)
      # The communication timeout to a fastcgi application. Please increase this
      # value if your CGI have a slow initialization or slow respond.
      IPCCommTimeout 360
      
	  # BusyTimeout n (300 seconds)
      # A fastcgi application will be terminated if handing a single request
      # longer than busy timeout.
	  BusyTimeout 300
	  
    </IfModule>
    <Directory /var/www/tipswins.com/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web47/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
	<Directory /var/www/clients/client2/web47/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web47/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
      AssignUserId web47 client2
    </IfModule>

    <IfModule mod_dav_fs.c>
      # DO NOT REMOVE THE COMMENTS!
      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
      # WEBDAV END
    </IfModule>


</VirtualHost>



<IfModule mod_ssl.c>
###########################################################
# SSL Vhost
###########################################################

<VirtualHost *:443>
      DocumentRoot /var/www/tipswins.com/web
  
    ServerName tipswins.com
    ServerAlias *.tipswins.com
    ServerAdmin webmaster@tipswins.com
    
    ErrorLog /var/log/ispconfig/httpd/tipswins.com/error.log

    ErrorDocument 400 /error/400.html
    ErrorDocument 401 /error/401.html
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 405 /error/405.html
    ErrorDocument 500 /error/500.html
    ErrorDocument 503 /error/503.html

    SSLEngine on
    SSLCertificateFile /var/www/clients/client2/web47/ssl/tipswins.com.crt
    SSLCertificateKeyFile /var/www/clients/client2/web47/ssl/tipswins.com.key
    SSLCACertificateFile /var/www/clients/client2/web47/ssl/tipswins.com.bundle
    
	<Directory /var/www/tipswins.com/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/client2/web47/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

# Clear PHP settings of this website
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler None
    </FilesMatch>
    # php as fast-cgi enabled
    <IfModule mod_fcgid.c>
      # SocketPath /tmp/fcgid_sock/
	  # IdleTimeout n (3600 seconds)
	  # An idle fastcgi application will be terminated after IdleTimeout seconds.
      IdleTimeout 3600
	  
	  # ProcessLifeTime n (7200 seconds)
      # A fastcgi application will be terminated if lifetime expired, even no error is detected.
      ProcessLifeTime 7200
	  
	  # MaxProcessCount n (1000)
      # The max count of total fastcgi process count.
      # MaxProcessCount 1000
      
	  # DefaultMinClassProcessCount n (3)
      # The minimum number of fastcgi application instances for any one fastcgi application.
      # Idle fastcgi will not be killed if their count is less than n
      # Set this to 0, and tweak IdleTimeout
	  DefaultMinClassProcessCount 0
	  
	  # DefaultMaxClassProcessCount n (100)
      # The maximum number of fastcgi application instances allowed to run for
      # particular one fastcgi application.
      DefaultMaxClassProcessCount 100
	  
	  # IPCConnectTimeout n (3 seconds)
      # The connect timeout to a fastcgi application.
      IPCConnectTimeout 8
	  
	  # IPCCommTimeout n (20 seconds)
      # The communication timeout to a fastcgi application. Please increase this
      # value if your CGI have a slow initialization or slow respond.
      IPCCommTimeout 360
      
	  # BusyTimeout n (300 seconds)
      # A fastcgi application will be terminated if handing a single request
      # longer than busy timeout.
	  BusyTimeout 300
	  
    </IfModule>
    <Directory /var/www/tipswins.com/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web47/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
	<Directory /var/www/clients/client2/web47/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web47/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
      AssignUserId web47 client2
    </IfModule>

    <IfModule mod_dav_fs.c>
      # DO NOT REMOVE THE COMMENTS!
      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
      # WEBDAV END
    </IfModule>


</VirtualHost>
</IfModule>

falko · #7 30th January 2011, 16:16

Can you rename /etc/apache2/sites-available/tipswins.com.vhost to /etc/apache2/sites-available/tipswins.com.vhost.bak and rename /etc/apache2/sites-available/tipswins.com.vhost.err to /etc/apache2/sites-available/tipswins.com.vhost and then run

Code:

apache2 -t

? Does it report any syntax errors?

vlados · #8 30th January 2011, 16:45

root@server1:/etc/apache2# killall apache2
root@server1:/etc/apache2# apache2 -t
apache2: bad user name ${APACHE_RUN_USER}

Is this the right parameter? It this is for configtest:
root@server1:/etc/apache2# apache2ctl configtest
Syntax OK
root@server1:/etc/apache2# /etc/init.d/apache2 start
* Starting web server apache2 [fail]
root@server1:/etc/apache2#