Problem with SSL.

Discussion in 'Installation/Configuration' started by Qluripax, Jun 23, 2011.

  1. Qluripax

    Qluripax New Member

    Hi, new on ISPC-3 but have used ISPC-2 for some years now.

    I've trying to move a site from ISPC-2 to the new machine with ISPC-3. That site is using SSL with cert from comodo. I've tried to do as the manual says in 5.4.1 but can't get SSL to work. The error-code in firefox is ssl_error_rx_record_too_long

    I've (of course) fiddled around a lot and when i restart apache i got
    Code:
    [warn] NameVirtualHost IP-ADDRESS:443 has no VirtualHosts
    But it should. Looking in /etc/apache2/sites-available i had two files for my site, once that ends with .err. When i tried to use the .err file instead apache2 didn't like to start, so i restored the link to the working one. The working .vhost-file doesn't have SSL-directives in it.
    Also, the ISPC-3 GUI seams a bit strange, as i got different readings for that site logged in as admin or as customer.
    Any ideas about how to handle this?

    The machine is an VPS on debian 6 made with "perfect server setup".
     
  2. falko

    falko Super Moderator ISPConfig Developer

    Are there any errors in Apache's error log?

    Please run
    Code:
    a2enmod ssl
    /etc/init.d/apache2 restart
    to make sure that the SSL module is active.
     
  3. Qluripax

    Qluripax New Member

    I've already done that. And I got SSL working with an self-issued certificate. But not with the bought one.

    In the /var/log/apache2/error.log i got:

     
  4. falko

    falko Super Moderator ISPConfig Developer

    Just a guess, but did you copy your certificate to a wrong location? Where did you place it?
     
  5. Qluripax

    Qluripax New Member

    I've generated the .csr in the ISPConfig UI and pasted the .crt-file in "SSL-Certificate" in the same dialog (and did the save certificate action). As this is an site in production I've temporary disabled SSL.

    After your replay I tried to copy the .crt-file to the /var/www/<domain>/ssl-directory and enabled SSL in the GUI again. Now when restarting apache i got the following:
    Code:
    Restarting web server: apache2[Thu Jun 30 13:27:15 2011] [warn] NameVirtualHost <ip-address>:443 has no VirtualHosts
     ... waiting [Thu Jun 30 13:27:16 2011] [warn] NameVirtualHost <ip-address>:443 has no VirtualHosts
    
    The .vhost-file (etc/apache2/sites-enabled/<domain>.vhost) for that virtual host is missing directives about SSL. Shouldn't it be there?
    It seams that I have fucked up something but I can't see what....
     
  6. falko

    falko Super Moderator ISPConfig Developer

    Do you see an SSL vhost for your domain in /etc/apache2/sites-enabled/?
     
  7. Qluripax

    Qluripax New Member

    No I don't just the ordinary <domain>.vhost
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    Please post the output of:

    ls -la

    from the ssl website directory and also post the <domain>.vhost.err file from the sites-available folder.
     

Share This Page