SSL Configuration not generating

Discussion in 'Installation/Configuration' started by eoh7678, Jan 15, 2013.

  1. eoh7678

    eoh7678 New Member

    I have just completed an ISPConfig 3 + CentOS 6.3 64-bit deployment.

    I have a site set up and am trying to secure it using SSL.

    The site has been moved from another server so it already has an SSL certificate issued by GoDaddy.

    I entered all the information in to the SSL panel of ISPConfig, and when I save it, it does rewrite the config file, but it leaves the entire SSL virtualhost out.

    Am I doing something wrong?

    Attached image is showing the fully filled out SSL tab on the domain config in ISPConfig.

    Here's the generated config file (actual domain replaced with example.com) As you can see, it is missing the entire <VirtualHost 1.2.3.4:443> block:

    Code:
    <Directory /var/www/example.com>
        AllowOverride None
        Order Deny,Allow
        Deny from all
    </Directory>
    
    <VirtualHost 1.2.3.4:80>
          DocumentRoot /var/www/example.com/web
      
        ServerName example.com
        ServerAlias www.example.com
        ServerAdmin [email protected]
    	XSendFile On
    	XSendFilePath /var/www/clients/client1/web1/web
    
        ErrorLog /var/log/ispconfig/httpd/example.com/error.log
    
        Alias /error/ "/var/www/example.com/web/error/"
        ErrorDocument 400 /error/400.html
        ErrorDocument 401 /error/401.html
        ErrorDocument 403 /error/403.html
        ErrorDocument 404 /error/404.html
        ErrorDocument 405 /error/405.html
        ErrorDocument 500 /error/500.html
        ErrorDocument 502 /error/502.html
        ErrorDocument 503 /error/503.html
    
        <IfModule mod_ssl.c>
        </IfModule>
    
        <Directory /var/www/example.com/web>
            Options FollowSymLinks
            AllowOverride All
            Order allow,deny
            Allow from all
            
            # ssi enabled
            AddType text/html .shtml
            AddOutputFilter INCLUDES .shtml
            Options +Includes
        </Directory>
        <Directory /var/www/clients/client1/web1/web>
            Options FollowSymLinks
            AllowOverride All
            Order allow,deny
            Allow from all
            
            # ssi enabled
            AddType text/html .shtml
            AddOutputFilter INCLUDES .shtml
            Options +Includes
        </Directory>
    
    
    
        # cgi enabled
    	<Directory /var/www/clients/client1/web1/cgi-bin>
          Order allow,deny
          Allow from all
        </Directory>
        ScriptAlias  /cgi-bin/ /var/www/clients/client1/web1/cgi-bin/
        AddHandler cgi-script .cgi
        AddHandler cgi-script .pl
        # suexec enabled
        <IfModule mod_suexec.c>
          SuexecUserGroup web1 client1
        </IfModule>
        # Clear PHP settings of this website
        <FilesMatch "\.ph(p3?|tml)$">
            SetHandler None
        </FilesMatch>
        # php as fast-cgi enabled
    	# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
        <IfModule mod_fcgid.c>
            IdleTimeout 300
            ProcessLifeTime 3600
            # MaxProcessCount 1000
            DefaultMinClassProcessCount 0
            DefaultMaxClassProcessCount 100
            IPCConnectTimeout 3
            IPCCommTimeout 360
            BusyTimeout 300
        </IfModule>
        <Directory /var/www/example.com/web>
            AddHandler fcgid-script .php .php3 .php4 .php5
            FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php
            Options +ExecCGI
            AllowOverride All
            Order allow,deny
            Allow from all
        </Directory>
        <Directory /var/www/clients/client1/web1/web>
            AddHandler fcgid-script .php .php3 .php4 .php5
            FCGIWrapper /var/www/php-fcgi-scripts/web1/.php-fcgi-starter .php
            Options +ExecCGI
            AllowOverride All
            Order allow,deny
            Allow from all
        </Directory>
    
    
        # add support for apache mpm_itk
        <IfModule mpm_itk_module>
          AssignUserId web1 client1
        </IfModule>
    
        <IfModule mod_dav_fs.c>
    	  # Do not execute PHP files in webdav directory
          <Directory /var/www/clients/client1/web1/webdav>
    	    <FilesMatch "\.ph(p3?|tml)$">
              SetHandler None
            </FilesMatch>
          </Directory>
          DavLockDB /var/www/clients/client1/web1/tmp/DavLock
          # DO NOT REMOVE THE COMMENTS!
          # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
          # WEBDAV BEGIN
          # WEBDAV END
        </IfModule>
    
    
    </VirtualHost>
    
     

    Attached Files:

  2. ressel

    ressel Member

    Did you enable the SSL check-box in the domain tab ?
     
  3. eoh7678

    eoh7678 New Member

    Yes. I even tried unticking the SSL box in the domain tab, waiting for the web config file to rewrite, then ticking it back on to see if it would rewrite the SSL config, but that didn't work either- it still rewrites without the SSL virtualhost.
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    This indicates that apache failed to start after ispconfig tried to enable ssl in this vhost so ispconfig had to do a config rollback and put back the vhost without ssl.

    The reason is most likely a wrong ssl key as you use an existing ssl cert. If a existing cert is used, you have to replace the ssl key file of the website with the key that was used to generate the cert. Detailed instructions can be found in the manual chapter 5.4.1.
     

Share This Page