Cluster upgrade to 3.0.5 - SSL error

Discussion in 'Installation/Configuration' started by SamTzu, Feb 26, 2013.

  1. SamTzu

    SamTzu HowtoForge Supporter

    After the 3.0.5 upgrade we get this error...

    Apache never required Cert password before the upgrade. Looks like I have to regenerate the keys.

    I found this instruction but it seems a little old.
    Any comments would be appreciated?

    http://www.howtoforge.com/forums/showpost.php?p=358&postcount=4
     
  2. till

    till Super Moderator

    This instructions are for ispconfig. 2 and not 3, so they dont apply to your issue.

    Did you create the ssl cert you used before with the ispconfig installer or id ou create it manually?
     
  3. SamTzu

    SamTzu HowtoForge Supporter

    I created it with ISPConfig.
    I probably should have chosen to re-create the SSL when it was asked.
    Is there a way to recreate them with ISPConfig?
    There seem to be no upgrade problems with other nodes that do not use SSL.
     
    Last edited: Feb 26, 2013
  4. till

    till Super Moderator

    Yes. Redo the update by using the manual update instructions from release notes, the updater will ask ou if the ssl cert shall be recreated.
     
  5. SamTzu

    SamTzu HowtoForge Supporter

    Mae Culpa.
    I just remembered that I did create our own Cert a year back and moved it to use port 443 so this is probably the reason why the root node SSL is down.

    I can't seem to find the command to re-create the Cert.

    This will not ask to recreate the cert nor will it allow to define the port.

    I redid the cert using this manual. Apache restarts now without asking a password.
     
    Last edited: Feb 26, 2013
  6. SamTzu

    SamTzu HowtoForge Supporter

    Certificate Upgrade script

    I just upgraded our cluster to 3.0.5.1 and I can now say with confidence that ispconfig_update.sh and php -q update.php scripts do NOT include the option to upgrade/modify Certificate or Control Panel TCP port :)8080) if the node in question does not have Apache enabled (like our primary node that has only ISPConfig Control panel in it and nothing else.)

    So if you get in trouble with the Certificate or TCP port number - your troubles are multiplied :)
     

Share This Page