perfect install but no ISPconfig

Discussion in 'Installation/Configuration' started by provell, Oct 14, 2008.

  1. Net-Pet

    Net-Pet New Member

    Well now my apach2 is running but the ispconfig is not running.

    I tried https://192.168.10.104:81/

    Anyway the ssl is not working and it says
    /etc/init.d/ispconfig_server start
    Starting ISPConfig system...
    /root/ispconfig/httpd/bin/apachectl startssl: httpd could not be started
    FreshClam is already running!
    ISPConfig system is now up and running!

    Anyway notning on port 81
     
  2. falko

    falko Super Moderator ISPConfig Developer

    Any errors in the error log in /root/ispconfig/httpd/log?
     
  3. Net-Pet

    Net-Pet New Member

    This is my error file

    [Wed Dec 17 16:03:31 2008] [error] mod_ssl: Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [Wed Dec 17 16:03:31 2008] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data
    [Wed Dec 17 16:07:02 2008] [error] mod_ssl: Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [Wed Dec 17 16:07:02 2008] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data
    [Wed Dec 17 16:14:28 2008] [error] mod_ssl: Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [Wed Dec 17 16:14:28 2008] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data
    [Wed Dec 17 16:18:20 2008] [error] mod_ssl: Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [Wed Dec 17 16:18:20 2008] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data

    And also I have the ssl_engine_log

    [17/Dec/2008 16:03:31 25303] [info] Server: Apache/1.3.41, Interface: mod_ssl/2.8.31, Library: OpenSSL/0.9.8i
    [17/Dec/2008 16:03:31 25303] [info] Init: 1st startup round (still not detached)
    [17/Dec/2008 16:03:31 25303] [info] Init: Initializing OpenSSL library
    [17/Dec/2008 16:03:31 25303] [info] Init: Loading certificate & private key of SSL-aware server fozzie.stadler.dk:81
    [17/Dec/2008 16:03:31 25303] [error] Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [17/Dec/2008 16:03:31 25303] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data
    [17/Dec/2008 16:07:02 27054] [info] Server: Apache/1.3.41, Interface: mod_ssl/2.8.31, Library: OpenSSL/0.9.8i
    [17/Dec/2008 16:07:02 27054] [info] Init: 1st startup round (still not detached)
    [17/Dec/2008 16:07:02 27054] [info] Init: Initializing OpenSSL library
    [17/Dec/2008 16:07:02 27054] [info] Init: Loading certificate & private key of SSL-aware server fozzie.stadler.dk:81
    [17/Dec/2008 16:07:02 27054] [error] Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [17/Dec/2008 16:07:02 27054] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data
    [17/Dec/2008 16:14:28 27613] [info] Server: Apache/1.3.41, Interface: mod_ssl/2.8.31, Library: OpenSSL/0.9.8i
    [17/Dec/2008 16:14:28 27613] [info] Init: 1st startup round (still not detached)
    [17/Dec/2008 16:14:28 27613] [info] Init: Initializing OpenSSL library
    [17/Dec/2008 16:14:28 27613] [info] Init: Loading certificate & private key of SSL-aware server fozzie.stadler.dk:81
    [17/Dec/2008 16:14:28 27613] [error] Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [17/Dec/2008 16:14:28 27613] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data
    [17/Dec/2008 16:18:20 28109] [info] Server: Apache/1.3.41, Interface: mod_ssl/2.8.31, Library: OpenSSL/0.9.8i
    [17/Dec/2008 16:18:20 28109] [info] Init: 1st startup round (still not detached)
    [17/Dec/2008 16:18:20 28109] [info] Init: Initializing OpenSSL library
    [17/Dec/2008 16:18:20 28109] [info] Init: Loading certificate & private key of SSL-aware server fozzie.stadler.dk:81
    [17/Dec/2008 16:18:20 28109] [error] Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [17/Dec/2008 16:18:20 28109] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data

    But what was going wrong here ? the ssl have been working fine prior
    to this upgrade.
     
  4. falko

    falko Super Moderator ISPConfig Developer

  5. Net-Pet

    Net-Pet New Member

    Hello thx for reply I trid to make a cetificate but still it's not solved but closer :)


    I did the following:

    openssl genrsa -des3 -passout pass:mypasswd -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024
    openssl req -new -passin pass:mypasswd -passout pass:mypasswd -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365
    openssl req -x509 -passin pass:mypasswd -passout pass:mypasswd -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365
    openssl rsa -passin pass:mypasswd -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key
    chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key


    After this I have the following errors in

    /root/ispconfig/httpd/logs/ssl_engine_log:
    [18/Dec/2008 15:21:44 20564] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data
    [18/Dec/2008 15:25:22 21057] [info] Server: Apache/1.3.41, Interface: mod_ssl/2.8.31, Library: OpenSSL/0.9.8i
    [18/Dec/2008 15:25:22 21057] [info] Init: 1st startup round (still not detached)
    [18/Dec/2008 15:25:22 21057] [info] Init: Initializing OpenSSL library
    [18/Dec/2008 15:25:22 21057] [info] Init: Loading certificate & private key of SSL-aware server fozzie.stadler.dk:81
    [18/Dec/2008 15:25:22 21057] [error] Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)

    And the /root/ispconfig/httpd/logs/error_log says:

    [Thu Dec 18 15:21:44 2008] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data
    [Thu Dec 18 15:25:22 2008] [error] mod_ssl: Init: Unable to read server certificate from file /root/ispconfig/httpd/conf/ssl.crt/server.crt (OpenSSL library error follows)
    [Thu Dec 18 15:25:22 2008] [error] OpenSSL: error:0D06B08E:asn1 encoding routines:ASN1_D2I_READ_BIO:not enough data

    Currently is says:
    /etc/init.d/ispconfig_server stop
    Shutting down ISPConfig system...
    /root/ispconfig/httpd/bin/apachectl stop: httpd (no pid file) not running
    ISPConfig system stopped!
    [email protected]:~# /etc/init.d/ispconfig_server start
    Starting ISPConfig system...
    /root/ispconfig/httpd/bin/apachectl startssl: httpd could not be started
    ISPConfig system is now up and running!
    [email protected]:~# netstat -tap
    Active Internet connections (servers and established)
    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 localhost:mysql *:* LISTEN 3881/mysqld
    tcp 0 0 *:ftp *:* LISTEN 22590/proftpd: (acc
    tcp 0 0 192.168.10.104:domain *:* LISTEN 22573/named
    tcp 0 0 localhost:domain *:* LISTEN 22573/named
    tcp 0 0 localhost:953 *:* LISTEN 22573/named
    tcp 0 0 *:smtp *:* LISTEN 22531/master
    tcp 0 0 localhost:953 localhost:55941 TIME_WAIT -
    tcp6 0 0 *:imaps *:* LISTEN 3755/couriertcpd
    tcp6 0 0 *:pop3s *:* LISTEN 3789/couriertcpd
    tcp6 0 0 *:pop3 *:* LISTEN 3770/couriertcpd
    tcp6 0 0 *:imap2 *:* LISTEN 3735/couriertcpd
    tcp6 0 0 *:www *:* LISTEN 22439/apache2
    tcp6 0 0 *:ssh *:* LISTEN 4043/sshd
    tcp6 0 0 ip6-localhost:953 *:* LISTEN 22573/named
    tcp6 0 0 *:smtp *:* LISTEN 22531/master
    tcp6 0 0 *:https *:* LISTEN 22439/apache2
    tcp6 0 0 ::ffff:192.168.10:imaps ::ffff:192.168.10.:dict ESTABLISHED19927/couriertls
    tcp6 0 0 ::ffff:192.168.10.1:www ::ffff:130.226.15:47440 TIME_WAIT -
    tcp6 0 0 ::ffff:192.168.10.1:www 213-66-188-245-o27:2381 TIME_WAIT -
    tcp6 0 296 ::ffff:192.168.10.1:ssh ::ffff:192.168.10.:2892 ESTABLISHED19999/0
    tcp6 0 0 ::ffff:192.168.10.1:www ::ffff:130.226.15:47441 TIME_WAIT -
    tcp6 0 0 ::ffff:192.168.10.1:www ::ffff:130.226.15:47442 TIME_WAIT -
    tcp6 0 0 ::ffff:192.168.10.1:www ::ffff:130.226.15:47438 ESTABLISHED22449/apache2
    tcp6 0 0 ::ffff:192.168.10.1:www ::ffff:130.226.15:47439 TIME_WAIT -
    tcp6 0 0 ::ffff:192.168.10.1:www ::ffff:130.226.15:47435 FIN_WAIT2 -
    tcp6 0 0 ::ffff:192.168.10.1:www ::ffff:130.226.15:47430 FIN_WAIT2 -

    Anysuggestions ?
     
  6. falko

    falko Super Moderator ISPConfig Developer

    Did you accept all default values when you recreated the cert?

    What's the output of
    Code:
    ls -la /root/ispconfig/httpd/conf/ssl.crt/
    ?
     
  7. Net-Pet

    Net-Pet New Member

    My output is
    [email protected]:~# ls -la /root/ispconfig/httpd/conf/ssl.crt/
    total 452
    drwxr-xr-x 2 root root 4096 2008-12-17 15:41 .
    drwxr-xr-x 7 root root 4096 2008-12-17 16:02 ..
    lrwxrwxrwx 1 root root 19 2008-12-17 16:02 0cf14d7d.0 -> snakeoil-ca-dsa.crt
    lrwxrwxrwx 1 root root 16 2008-12-17 16:02 5d8360e1.0 -> snakeoil-dsa.crt
    lrwxrwxrwx 1 root root 16 2008-12-17 16:02 82ab5372.0 -> snakeoil-rsa.crt
    -r-------- 1 root root 418567 2008-12-17 15:41 ca-bundle.crt
    lrwxrwxrwx 1 root root 19 2008-12-17 16:02 e52d41d0.0 -> snakeoil-ca-rsa.crt
    -rw-r--r-- 1 root root 1522 2008-12-17 15:41 Makefile
    -rw-r--r-- 1 root root 1386 2008-12-17 15:41 README.CRT
    -r-------- 1 root root 68 2008-12-17 15:41 server.crt
    -r-------- 1 root root 1472 2008-12-17 15:41 snakeoil-ca-dsa.crt
    -r-------- 1 root root 1192 2008-12-17 15:41 snakeoil-ca-rsa.crt
    -r-------- 1 root root 1452 2008-12-17 15:41 snakeoil-dsa.crt
    -r-------- 1 root root 1176 2008-12-17 15:41 snakeoil-rsa.crt

    I don't need any informations in the certificate but I think a few fields
    are needed - else it will not be anble to make the certificate...

    Suggetions are very welcome Falko...
     
  8. falko

    falko Super Moderator ISPConfig Developer

    When you recreate the certificate, it shows you some default values (something about Snakeoil, etc.). Just press Enter to accept them.
     
  9. Net-Pet

    Net-Pet New Member

    Default s not working... it complain with the first field and says
    the [AU] is to loong even if just au or dk is used

    Anyway i just tried

    I just tried /root/ispconfig/httpd/bin/apachectl start

    And I can get the ispconfig running fine on port 81 but no
    ssl is working - so my problem is more related to the
    /root/ispconfig/httpd/bin/apachectl startssl
     
  10. falko

    falko Super Moderator ISPConfig Developer

    :confused::confused: I'm clueless...
     
  11. demasiadovivo

    demasiadovivo New Member

    I was having the same troubles when i attempt to install ISPConfig v2.2.29 on CentOS 5.2.
    I'd everything you said in this thread, but not even with this steps i finished a successful install. So i debugged the bash script setup2 and i found something that may cause the problem.
    Apparently the error appears when trying to execute a perl script (concretely spamassassin script). When the error occurs the script deletes the installation folder and then all the rest fails (moves, copies, installs, etc) and that's why all the error lines.
    Today i learn a new lesson (well, an old lesson that i sometimes forgot), YOU MUST READ ALL TO THE END!, yeah, in the last page of the tutorial "how to install a perfect Centos Server" (http://www.howtoforge.com/perfect-server-centos-5.2-p7) says that you must install perl-HTML-Parser perl-DBI perl-Net-DNS perl-Digest-SHA1 for ISPConfig, you do that with:
    #yum install perl-HTML-Parser perl-DBI perl-Net-DNS perl-Digest-SHA1
    I suppose that debian (an by transitive ubuntu) have similar packages.

    After that i didn't have other problems, now ISPConfig is installed and running. Remember to remove the old instalation (if you did one):
    rm -R /home/admispconfig
    rm -R /root/ispconfig
    and remove the database created by the old instalation:
    mysql> drop database db_ispconfig
    "mysql>" means that it is executed with the mysql client. db_ispconfig is the default name of the database created by ISPConfig, if you have other name, well, replace it in the command.

    I hope i can help somebody with this.
     
    Last edited: Jan 28, 2009
  12. bogie

    bogie New Member

    solution to openssl problems is fairly easy: use /root/ispconfig/openssl/bin/openssl instead of /usr/bin/openssl ;)
     
  13. MrWebby

    MrWebby New Member

    Worked

    you, sir , have saved my work! Thanks! Stay alive!
     

Share This Page