Comodo SSL- Not loading web pages from https

Discussion in 'Installation/Configuration' started by jtheed, Oct 22, 2010.

  1. jtheed

    jtheed Member HowtoForge Supporter

    I am trying to install a Comodo SSL on my ISPConfig 3 site. I have the latest version of IPSConfig 3.0.3 on Debian 5.
    I did as per the instructions. Created the CSR and pasted it into Comodo's site. They in turn sent me 2 files, the .crt and a .ca-bundle.
    I copied and pasted the CRT into the SSL Certificate Window and the ca-bundle into the SSL Bundle window, on SSL Action I chose Save Certificate and then clicked on the Save button. I waited until I saw the Job Queue was clear and when I type in my url, then site always times out with nothing loading.
    I also tried copying the files directly into the SSL forder for this web site and I get the same result. There are no erros in the web site's log files and none in the apache2 log file. Port 443 is forwared to the Server's local IP. It is the ONLY one with an SSL among the 6 sites on the server. I have looked at all of the vhost files and only the one site I want to have an SSL has any mention of an SSL.
    When creating the SSL Request, I spelled out the state completely FLORIDA, the locality is a 2 word city DEERFIELD BEACH, organisation is TIDES MARINE, INC. organisation unit is SALES , country is US and the domain is I sent everything in uppercase except the domain name (didn't know if that matters).
    The IP address is set to the local ip address of the server, not the *

    The self assigned SSL works for ISPCONFIG on 8080 and in the past I have had a self assigned SSL for another site, but that has been removed and the SSL flag unchecked for that site quite a while ago.

    What do I try now?
  2. jtheed

    jtheed Member HowtoForge Supporter

    Chalk this up to inexperience with SSL's.
    Had a Server Crash and the IP has changed. I didn't update the IP at Comodo's site before I applied for a new SSL. :eek:
  3. jtheed

    jtheed Member HowtoForge Supporter

    I am out of ideas. Doesn't matter if I use the Comodo Cert or the Self Assigned Cert, the will not load any files. The ISPConfig will load using nd well as phpmyadmin.
    No errors are in the apache2 error log.

    Where do I look now?
  4. jtheed

    jtheed Member HowtoForge Supporter

    I deleted all of the SSL certs and removed the check mark on SSL for the domain, deleted the SSL Cert entries in ISPConfig, clicked save and let it all update.

    I then tried to install a self signed SSL as per the manual and still get nothing when I try to access the site via https. I have triple checked that port 443 is forwarded to the local IP address and this is the ONLY domain with an SSL Cert. I have the ip address shown in ISPConfig, not an * and www as the Auto Subdomain. The SSL Domain in the SSL Tab is set to

    Everything appears to be right and there are files in the .../web7/ssl folder that are not 0 bytes: listed as, (domainname is replaced for the actual domain name):

    ('s were added so it won't change to url's)

    but this is in the cron log
    Generating RSA private key, 2048 bit long modulus
    e is 65537 (0x10001)
    writing RSA key
    chmod: cannot access '/var/www/clients/client1/web7/*'

    Is that normal?
  5. falko

    falko Super Moderator ISPConfig Developer

    Can you post the output of
    ls -la /var/www/clients/client1/web7/

    Are there any errors in the Apache SSL error log?
  6. jtheed

    jtheed Member HowtoForge Supporter

    Only log file I see is /var/log/apache2/error.log and there are no errors about the SSL there:

    drwxr-xr-x  7 root root     4096 2010-10-29 10:16 .
    drwxr-xr-x 10 root root     4096 2010-10-22 12:52 ..
    lrwxrwxrwx  1 root root       16 2010-10-24 00:31 backup -> /var/backup/web7
    -rwxr-xr-x  1 web7 client1  1135 2010-10-29 06:08 .bash_history
    drwxr-xr-x  2 web7 client1  4096 2010-10-21 08:17 cgi-bin
    -rwxr-xr-x  1 root root       40 2010-10-28 13:02 .htpasswd_stats
    lrwxrwxrwx  1 web7 client1    40 2010-10-21 08:17 log -> /var/log/ispconfig/httpd/
    drwxrwxrwx  2 root root     4096 2010-10-21 14:12 PW
    drwxrwxrwx  3 web7 client1  4096 2010-10-28 11:13 ssl
    drwxrwxrwx  2 web7 client1  4096 2010-10-29 10:19 tmp
    drwxrwxrwx 42 web7 client1 20480 2010-10-28 14:29 web

    I did a reinstall of ISPConfig and now I get this:
    [warn] VirtualHost overlaps with VirtualHost, the first has precedence, perhaps you need a NameVirtualHost directive

    I had to make all other sites inactive so this one would show up on the internet. How do I fix this?
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    Go to system > server IP, click on a ip, disable the namevirtualhost checkbox and click on save. The click on the same ip, enable the checkbox again and click on save.
  8. jtheed

    jtheed Member HowtoForge Supporter

    Still no joy on the SSL working. Site just times out in the browser when using https. I have deleted the SSL for this domain and tried installing one on another domain that is on the same box and get no joy there either. Any ideas or thoughts about where to look would be great as I can't put up our Online Store until I get the SSL working.
  9. jtheed

    jtheed Member HowtoForge Supporter

    Final Update

    I am going to have to say that this was caused by a bad update from to 3.0.3. When I did a fresh install on another machine, I got a quite a few more icons etc in the new install than I could see in the update and the SSL cert works fine.
  10. falko

    falko Super Moderator ISPConfig Developer

    Did you clear your browser cache?
  11. jtheed

    jtheed Member HowtoForge Supporter

    Yes, it's set to clear on close and I did it manually just in case.

Share This Page