SSL certificate

Discussion in 'Installation/Configuration' started by chief, Dec 21, 2012.

  1. chief

    chief Member

    Hi all and a merry xmas

    I have a ispconfig server called subname.tlsystems.co.uk
    I also have my company website on it called tlsystems.co.uk as client 1, now my problem is with a comodo instantssl certificate.

    I have been having this issue since i installed ispconfig 3, 1 yr ago, but never got around to fix it properly.

    I have deleted all files (backed up before) in /var/www/tlsystems/ssl/
    I then logged in to the control panel (ISPCONFIG) went to website - tlsystems.co.uk - SSL tab. My original info was in the boxes - state, locality etc down to ssl domain. so i just clicked create certificate. a little time after i have 4 files.
    a *.crt, *.csr, *.key and *.key.org
    I logged on to instantssl and revoked my original cert and requested a new cert using the SSL request file which i emailed them. got it from /var/www/tlsystems.co.uk/ssl/
    I was then emailed back a zip fie containing 2 files a website_co_uk.ca-bundle and website_co_uk.crt.
    I backed up the old crt and filezilled them to ssl folder on server
    I purchased the manual for ispconfig 3 and also read on the forums about changing the IPv4 address from * to the actual IP. I cannot, only have * in Pull down..

    when i go to https://www.tlsystems.co.uk in internet explorer the certificate shows as localhost.localdomain, but viewed in firefox it is not supplying identity information.

    so please can anyone help with correctly putting 1 ssl certificate right

    cheers in advance

    dave
     
  2. till

    till Super Moderator

    Please follow the procedure as described in the manual chapter 5.4. The manual instructs you to enter the ssl cert that you got back from ssl authority into the ssl cert field in ispconfig, then select save as action and click on the save button.

    Then you might have missed to add your IP address under System > Server IP.
     
  3. chief

    chief Member

    Cheers for reply Till,

    Just saw and added IP address in system - Server IP addresses - add new IP
    done

    Pasted SSL certificate and SSL bundle.

    Just going to check now

    dave
     
  4. chief

    chief Member

    Till,

    Why does it say "This website does not supply ownership information"


    dave
     
  5. till

    till Super Moderator

    What kind of ssl cert id you buy? There are different kind of ssl certs available, the cheaper ones verify onle the domain and not the ownership of the domain. The ceaper ones are displayed e.g. In blue in the browser bar while the expensive ones with ownership validation have a green bar.
     
  6. falko

    falko Super Moderator

    Because the certificate is domain-validated, not organization-validated.
     
  7. chief

    chief Member

    till,

    I broke it....

    I set an ip using system, this morning i could not access another domain i have under my client name, it pointed back to my main tlsystems.co.uk.
    I then went in to control panel and deleted IP where i set it yesterday, now i cannot access any site or adminpanel or phpmyadmin.. :(

    what is the best steps to fis / restore or cry


    dave
     
  8. chief

    chief Member

    I can ssh in.
    I have read log and found out httpd could not start

    I have deleted old dbispconfig and then imported last nights export, grant ispconfig user all access to database.

    is it possible or better to reinstall ispconfig, or chase errors

    dave
     
  9. chief

    chief Member

    got it,

    httpd logs had an error in the SSL certificate and line 124 of my main tlsystems.vhosts file, turn it off and hash out certificate line httpd then restarted and i can access ispconfig.

    thank god for backups and


    apachectl configtest

    tail -f /var/log/httpd/error_log

    merry xmas all

    dave
     
  10. chief

    chief Member

    Another question about SSL certificate and setting an IP address under system.

    When i did set an IP, all other domains in the server was then pointing back to tlsystems.co.uk.
    e.g. i have a domain called myhairyarse.com which i only use for email, so when i did set ip and updated * to the ip for tlsystems.co.uk. I could no longer logon to my myhairyarse.com/webmail as it pointed to my tlsystems.co.uk website..

    Do i need to update all sites to use the ip of server instead of *

    dave
     
  11. falko

    falko Super Moderator

    I always recommend to use a specific IP instead of *.
     
  12. chief

    chief Member

    Thanks for reply Falko,

    I have added IP, but do i change all sites hosted to use that specific ip instead of *

    dave
     
  13. chief

    chief Member

    answer my own question, yes.

    updated all sites to use IP instead of *, just been checking and it takes a few seconds to filter through.

    dave
     
  14. chief

    chief Member

    got 1 site which does not work, show my tlsystems.co.uk site.

    updated ipv4 to ip on all sites

    Further testing - i have updates all my sites to use specific IP. 1 of my sites displayes my www.tlsystems.co.uk, looked at other sites and another 2 displayes others from my server.

    any advice?xxx

    Ignore.. me being a silly idiot, delete cache, close browser or try another pc,. my PC had cached old sessions so was showing wrong /corrupt info.
     
    Last edited: Dec 28, 2012

Share This Page