Hi all, Trying to set up a few SSL sites using SNI with ISPConfig 3.0.4.6 and Apache/2.2.3 ( first thought is apache version not high enough(2.2.12 minimum???).. If so how do I upgrade httpd to necessary version with CentOS 5.8 final as OS? Not seeing any RHEL related httpd versions available via yum... I have SNI enabled via control panel and I'm pretty sure I've entered all the necessary conf file settings ( <VirtualHost *:443>, SSLEngine On,SSLCertificateFile, SSLCertificateKeyFile, ServerName, ServerAlias, ServerAdmin etc...) I get these error messages via httpd error.log: Code: [Tue Jul 17 12:40:29 2012] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Tue Jul 17 12:40:29 2012] [warn] Init: SSL server IP/port conflict: siteone.co.uk:443 (/etc/httpd/conf/sites-enabled/100-siteone.co.uk.vhost:107) vs. sitetwo.com:443 (/etc/httpd/conf/sites-enabled/900-sitetwo.com.vhost:111) [Tue Jul 17 12:40:29 2012] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!! The certs are created and in correct directories and referenced... Any ideas? Is the apache version the issue? More info needed? Many thanks for help!!
Hi, Maybe your openssl was not compiled with tls support. You can do an useful test. You can get some info running the phpinfo(). Code: touch phpinfo.php Edit it and add this: Code: <?php phpinfo(); ?> Run the script Code: php phpinfo.php|grep SSL Here is my output: Code: SSL => Yes SSL Version => OpenSSL/0.9.8k SSL Support => enabled OpenSSL support => enabled OpenSSL Library Version => OpenSSL 0.9.8k 25 Mar 2009 OpenSSL Header Version => OpenSSL 0.9.8k 25 Mar 2009 OpenSSL support => enabled OpenSSL 0.9.8k and later has this enabled by default Cheers
Many thanks for the info/tip.. here's my output: Code: SSL => Yes SSL Version => OpenSSL/0.9.8b SSL Support => enabled OpenSSL support => enabled OpenSSL Library Version => OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 OpenSSL Header Version => OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 Native OpenSSL support => enabled and this from YUM: Code: PM Group : System Environment/Libraries Source : openssl-0.9.8e-22.el5_8.4.src.rpm Build Time : Tue May 29 18:28:29 2012 Install Time : Tue Jun 26 18:34:02 2012 License : BSDish I guess the issue might be the SSL version then? Any idea how I update this? No RHEL based repo updates/upgrades listed via YUM... Is there a repo I'm missing perhaps? Dependencies maybe an issue though ehh? Found these links that seem relevant here and here Seems to imply it would be better to jump up CentOS versions ( to 6.2 etc..) Thanks again for the reply!! Much appreciated!
