Mod SSL Apache 2

Discussion in 'Installation/Configuration' started by admins, May 4, 2009.

  1. admins

    admins HowtoForge Supporter

  2. till

    till Super Moderator

    This means that you have not created a ssl certificate for thsi IP / website yet. Create a website in ispconfig, select this IP for the website and then create a ssl certificate on the ssl tab of the website settings.
     
  3. OnePercentile

    OnePercentile New Member

    ssl ispconfig 3

    ** Update: I copied the cert files from ispconfig 2 into /var/www/site/ssl/ by hand and now working. At this point I should care that the UI is not performing at 100%, but I am anxious to get this server launched, so long as I can get by until UI catches up.

    Till, I am getting the same problem.

    SSL received a record that exceeded the maximum permissible length.

    (Error code: ssl_error_rx_record_too_long)

    I installed ISPCONFIG 3.0.1.1. I have looked through the vhost files and nothing in the site's name.vhost reflects any SSL information being entered on the UI. Port 443 is open and listening, and no namevirtual hosts running on 192.168.0.3:443, etc. My guess is that I'm suppose to add the SSL information manually into the file as the UI doesn't seem to be functional in this area yet?


    Also, copying previous SSL from ispconfig 2 manually into the site SSL fields of a site on ispconfig 3 adds into the UI/database, but does not reflect into any file under /etc/apache2 trunk.. Also, deleteing of SSL cert under site ui doesn't remove the certs. If this part of the UI is not completed yet, I will try manual approach or use optional apache directives..
    What should I do?

    Thanks

    Jordan
     
    Last edited: May 9, 2009
  4. gilas

    gilas Member

    the same...

    Tried and verified that the behavious is the same.
    Connection to my control panel through:

    https://myip:443/

    the following code appears:

    (Error code: ssl_error_rx_record_too_long)

    (?)
    thanx
     
  5. OnePercentile

    OnePercentile New Member

    Error code: ssl_error_rx_record_too_long

    Gilas, I was able to get this working shortly after my post.

    I don't remember what I did, (haha) but it was a combination of one of the following that I had failed to do:

    • Input the Certificates correctly so that there are no carriage returns in the copy and paste process..
    • ... and then wait for the ISPCONFIG 3 scripts to update the vhost file

    Then check the file to see if it has been rewritten/updated:

    Code:
    cat /etc/apache2/sites-enabled/domain.tld.vhost
    (Inserting domain.tld with your sitename)..

    If none of this helps, check back again. I don't remember it being complicated.. I mainly just needed to be patient for the scripts to update the vhost and restart the apache2 server for the new changes to take effect.

    One last thing, make friends with "tail -f /var/log/apache2/error.log" or similar
     
    Last edited: May 27, 2009
  6. gilas

    gilas Member

    It is not clear....

    Dear Till & co.
    it is not completely clear how to access to the cp using SSL mode.
    Instructions reports that I must to connect my cp:

    http://www.mysite.domain:8080

    this is not secured.

    Instead I tried to connect cp (as above, not SSL conn) and I've created two sites with SSL and certs self signed.

    If I go to:
    https://www.mysite.domain:443/

    I can't get the cp login screen.

    I tried using:
    https://my.ip.address.number:443/

    nothing to do, the answer is a screen with:

    "Welcome to your website!"

    restarting apache I see some error (but this time apache doesn't stops):
    Restarting web server: apache2[Wed May 27 08:15:29 2009] [warn] VirtualHost xxxx.xxxx.1.43:443 overlaps with VirtualHost xxxx.xxxx.1.43:443, the first has precedence, perhaps you need a NameVirtualHost directive
    [Wed May 27 08:15:29 2009] [warn] VirtualHost xxxx.xxxx.1.43:80 overlaps with VirtualHost xxxx.xxxx.1.43:80, the first has precedence, perhaps you need a NameVirtualHost directive
    ... waiting .[Wed May 27 08:15:31 2009] [warn] VirtualHost xxxx.xxxx.1.43:443 overlaps with VirtualHost xxxx.xxxx.1.43:443, the first has precedence, perhaps you need a NameVirtualHost directive
    [Wed May 27 08:15:31 2009] [warn] VirtualHost xxxx.xxxx.1.43:80 overlaps with VirtualHost xxxx.xxxx.1.43:80, the first has precedence, perhaps you need a NameVirtualHost directive

    How can I do to obtain SSL'ed access to cp?!? Thank you!
     
  7. till

    till Super Moderator

Share This Page