Configuring SSL

Discussion in 'Installation/Configuration' started by pebkac, Oct 30, 2012.

  1. pebkac

    pebkac Member HowtoForge Supporter

    Hey all,

    I've decided to use SSL on one of my servers. It was already running and hosting the site on Perfect Ubuntu 12.04 ISPConfig server. I followed this tutorial http://www.howtoforge.com/securing-...h-a-free-class1-ssl-certificate-from-startssl
    to get SSL. As far as that tutorial goes it does not make clear any other setting that need to be done from within ISPConfig. I did check the SSL box on the site and added an IP to the server and made sure it is being used. When I try and go to the site with SSL I get this in the apache error.log
    Code:
    [Tue Oct 30 04:01:08 2012] [error] [client 96.229.205.165] client denied by server configuration: /etc/apache2/htdocs
    I followed the tutorial to a tee and did not do anything on the SSL tab within ISPConfig.

    Code:
    root@dor:/etc/apache2# grep -Ri SSLCertificateFile *
    sites-available/ispconfig.vhost~:  SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
    sites-available/default-ssl:	#   SSLCertificateFile directive is needed.
    sites-available/default-ssl:	SSLCertificateFile    /etc/ssl/certs/ssl-cert-snakeoil.pem
    sites-available/default-ssl:	#   the referenced file can be the same as SSLCertificateFile
    sites-available/ispconfig.vhost:  SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
    sites-enabled/000-ispconfig.vhost:  SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
    root@dor:/etc/apache2#
    when I restart apache
    Code:
    root@dor:/etc/apache2# /etc/init.d/apache2 restart
     * Restarting web server apache2                                                                   [Tue Oct 30 04:11:58 2012] [warn] NameVirtualHost 184.169.151.252:443 has no VirtualHosts
    [Tue Oct 30 04:11:58 2012] [warn] NameVirtualHost 10.166.185.147:80 has no VirtualHosts
    [Tue Oct 30 04:11:58 2012] [warn] NameVirtualHost 10.166.185.147:443 has no VirtualHosts
     ... waiting [Tue Oct 30 04:11:59 2012] [warn] NameVirtualHost 184.169.151.252:443 has no VirtualHosts
    [Tue Oct 30 04:11:59 2012] [warn] NameVirtualHost 10.166.185.147:80 has no VirtualHosts
    [Tue Oct 30 04:11:59 2012] [warn] NameVirtualHost 10.166.185.147:443 has no VirtualHosts
                                                                                                [ OK ]
    root@dor:/etc/apache2# 
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    The tutorial you used ti about securing the ispconfig interface with a ssl certificate from startssl plus using this ssl cert for the mailserver. It is not about using ssl in a website that you created in ispconfig.

    To use ssl in a ispconfig website, enure that you selcetd a IP ddress and not * in the site settings, enable the ssl checkbox and then create a new ssl certificate on the ssl tab. The steps are also described in detail in the manual.
     
  3. pebkac

    pebkac Member HowtoForge Supporter

    Oh, sorry about that. I see that now...well it works as it should. So when I create SSL for sites its all down on the SSL tab? And I can use StartSSL certs to do so?

    --Steve
     
  4. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Nothing should be down when you create a ssl cert. If the server is down, then something wrong was entered in the ssl fields so that apache was not able to start again. Delete the vhsot file of the affected site in /etc/apache2/sites-enabled/ and start apache again, then login to ispconfig, disable ssl for the site and create a new ssl cert, then enable ssl again.

    You can use any ssl certificate authority.
     

Share This Page