ISP Server Setup - OpenSUSE 10 - Page 6

3 Installing ISPConfig

I will install the current ISPConfig version. Download the current ISPConfig version from to your /tmp directory.

Unpack the ISPConfig-archive and change to the directory install_ispconfig:

tar xvfz ISPConfig*.tar.gz
cd install_ispconfig

Start the setup script


The installer will now compile an Apache with PHP5 that will run on port 81 and is needed by the ISPConfig system itself. It will not interfere with your existing Apache installation so you can go on unworried.

When the ISPConfig Apache is built, a custom SSL certificate is built. Therefore you are asked a few questions. You can accept the default values, or you can enter new values there, this does not matter:

In step 7 (Encrypting RSA private key of CA with a pass phrase for security [ca.key]) and step 8 (Encrypting RSA private key of SERVER with a pass phrase for security [server.key]) of the certificate creation process you are asked if you want to encrypt the respective key now. Choose n there because otherwise you will always be asked for a password whenever you want to restart the ISPConfig system which means it cannot be restarted without human interaction!

If the compilation fails, the setup is stopped and all compiled files are removed. From the error message you get you should be able to see the reason for the failure (in most cases a package (like the MySQL header files) is missing). Try to solve the problem and the re-run ./setup.

In case of success the setup goes on:

Please choose your language. This is the language of the ISPConfig interface.

Afterwards you are shown the ISPConfig licence (BSD licence). Please read it carefully! You accept it by typing y. If you do not want to accept the ISPConfig licence, type n, and the installation routine stops.

As installation mode I chose expert because i want to set the website root to /var/www. When you are asked for installation mode, type 2 and hit return.

Now you are ask if the daemons like postfix etc. are recognized correctly and for their file locations, chose yes y.

When you are asked:

Web-Root: /home/www
Is this correct? [y/n]

choose n and enter /var/www as Web-Root.

Now you are asked for some installation settings:

Please enter your MySQL server: localhost
Please enter your MySQL user: root
Please enter your MySQL password: (Enter the password you chose when setting up the MySQL Server)

Please enter a name for the ISPConfig database (e.g. db_ispconfig): db_ispconfig
Please enter the IP address of the ISPConfig web (e.g. (Enter your IP here)

Now you are ask to enter the host and domain of your server. If your server has a host and domainname, enter them now. As this is a test install in my local network, I leave the host empty and enter my IP address instead of the domain.

Please enter the host name (e.g. www):
Please enter the domain (e.g.

Please select the protocol (http or https (SSL encryption)) to use to access the ISPConfig system:
Your Choice:

After you have answered the questions ISPConfig should be duly installed. If you indicated www as host and as the domain during the installation, you will find the ISPConfig interface under or Here you can login first with the user name admin and password admin. It is recommended to change the password immediately! This can be done in the ISPConfig web interface under Tools -> Change password.

Then go to Management -> Server -> Settings in the ISPConfig control panel and tick the Maildir checkbox on the EMail tab.

If your server has more than one IP address, please check if your additional IP addresses have been correctly detected by the installation routine under Management -> Server ->
on the tab Server -> IP List.

You can find the whole ISPConfig installation instructions here:

The ISPConfig manuals can be found here:


Share this page:

24 Comment(s)

Add comment


From: Anonymous at: 2005-10-09 21:42:01

why do you reccomend using a text based OS? couldn't i just use KDE or GNOME?

From: Anonymous at: 2005-10-15 17:58:30

You -could-, but the author is presenting this as a server installation, not a desktop installation. Typically, your server is supposed to 'server', more than be a desktop. If you want to build a desktop system, use KDE, Gnome, whatever.

From: Anonymous at: 2005-10-13 21:51:36

Hi Falco - Thanks for what you do. I'm a "newbie". I have a 9.3 install, but want to upgrade to 10.0 any changes now that 10.0 has been released?


From: Anonymous at: 2005-11-18 21:31:01

Thank you very much for providing such an excellent material. Regards, Martin.

From: Anonymous at: 2005-12-04 00:48:49

Excellent writeup. I'd just like to add that I had to remove the startup/kill links and readd them to get the ispconfig_server and freshclam to start after reboot. For whatever reason, 3 different systems would not restart those things correctly after a reboot. Here is the easiest way to do it:

cd /etc/init.d ; find . -name ???ispconfig_server -exec rm {} \; ; chkconfig --add ispconfig_server

Works like a champ after that. Thanks for the great howto!

From: Anonymous at: 2005-12-27 20:37:03

I believe the procmail setup no longer works now that SUSE 10 Pro came out. From my experience all the tests mentioned here pass fine, but email sent to/from the server get lost with no error messages whatsover (I have not inspected the logs yet though).

Also, the courier-* IMAP package(s) no longer exist in the distribution. There is a package named imap, but that is it.

I used several of the other (non-email) configuration instructions and they all worked great. I look forward to an update to this HowTo for the formal SUSE 10 release.

From: Anonymous at: 2006-02-15 10:44:50

procmail works OK with suse 10.0 courier-imap is present on the dvd iso but not on the CD iso's, don't ask me why.

From: Anonymous at: 2006-02-21 17:25:22

I run a small web / email / dns server for a few of my clients. The current server was fast approaching 6 years old and needed to be upgraded. Along with a hardware upgrade, a peer of mine advised to switch from FreeBSD ( version 4.x ) to Suse 10. After many attempts to set the box up correctly ( I kept crossing stumbling blocks due to my lack of knowledge to any UNIX based O/S ), I found this manual...


The only issue occured during the whole setup was installing ISPConfig and it not accepting my mysql root passwrd. After 2+ hours I finally figured out that ISPConfig did not like special characters in mysql root password ( might want to add this tip to your manual :) ). Once that was figured out, smooth as silk !!!!

I rely greatly on the internet to help me manage my server and your manaul for setting up Suse as an ISP was greatly appreciated and kudos for writting it !!! Job well done !!

Keep up the great work !!

From: Anonymous at: 2006-04-07 14:17:04

I would like to thank you for this great manual.
I needed to replace a dead Sun Cobalt Webserver a.s.a.p. The only thing I had left standing was a normal server suitable for Suse 10. With this manual I setup the server with all the services with no problem at all. Hope to see a lot more manuals from you.

From: powderskier at: 2006-10-20 02:50:34


Hi Falko/Till,

 First off, you have both done an awesome job on the tutorial. You should really consider doing this professionally for Novell/Red Hat, since their documentation is fairly atrocious when it comes to missing steps or information.

 I want to ask how secure this setup is? Are people using this exact setup for production web servers? Is this meant only for testing environments? Could this be used for a company as an internal corporate web/intranet server provided its secure?

Has anyone audited this setup against snort, nessus, etc. 

Thanks for your time in helping others,


From: Anonymous at: 2005-11-21 08:46:47

When I went to the Management tab in ISPConfig and then to Services, POP3 was offline. I checked to see if it was offline by trying to telnet to the server using the 110 port.

In order to get this to work you have to enable it in yast.

In a console type yast this will start yast. Then go to System in yast, then system services. This is where you will enable the courier-pop and courier-pop-ssl services.

From: Anonymous at: 2005-12-08 11:59:39

I couldn't find courier-imap & courier-authlib on my 5 cd's or DVD (not the OpenSuSE version)...

Are they available only on Open version?

From: admin at: 2005-12-09 08:16:06

You have to set the installation source to the online repository like it is described in the howto.

From: at: 2005-09-19 04:36:16

/bin/sh /tmp/install_ispconfig/compile_aps/php-5.0.4/libtool --silent --preserve-dup-deps --mode=link gcc -g -O2 -rpath /tmp/install_ispconfig/compile_aps/php-5.0.4/libs -avoid-version -module -L/root/ispconfig/openssl/lib -R /root/ispconfig/openssl/lib ext/openssl/openssl.lo ext/openssl/xp_ssl.lo ext/ctype/ctype.lo ext/ftp/php_ftp.lo ext/ftp/ftp.lo ext/iconv/iconv.lo ext/mysql/php_mysql.lo ext/pcre/pcrelib/maketables.lo ext/pcre/pcrelib/get.lo ext/pcre/pcrelib/study.lo ext/pcre/pcrelib/pcre.lo ext/pcre/php_pcre.lo ext/posix/posix.lo ext/session/session.lo ext/session/mod_files.lo ext/session/mod_mm.lo ext/session/mod_user.lo ext/sockets/sockets.lo ext/spl/php_spl.lo ext/spl/spl_functions.lo ext/spl/spl_engine.lo ext/spl/spl_iterators.lo ext/spl/spl_array.lo ext/spl/spl_directory.lo ext/spl/spl_sxe.lo ext/sqlite/sqlite.lo ext/sqlite/sess_sqlite.lo ext/sqlite/libsqlite/src/opcodes.lo ext/sqlite/libsqlite/src/parse.lo ext/sqlite/libsqlite/src/encode.lo ext/sqlite/libsqlite/src/auth.lo ext/sqlite/libsqlite/src/btree.lo ext/sqlite/libsqlite/src/build.lo ext/sqlite/libsqlite/src/delete.lo ext/sqlite/libsqlite/src/expr.lo ext/sqlite/libsqlite/src/func.lo ext/sqlite/libsqlite/src/hash.lo ext/sqlite/libsqlite/src/insert.lo ext/sqlite/libsqlite/src/main.lo ext/sqlite/libsqlite/src/os.lo ext/sqlite/libsqlite/src/pager.lo ext/sqlite/libsqlite/src/printf.lo ext/sqlite/libsqlite/src/random.lo ext/sqlite/libsqlite/src/select.lo ext/sqlite/libsqlite/src/table.lo ext/sqlite/libsqlite/src/tokenize.lo ext/sqlite/libsqlite/src/update.lo ext/sqlite/libsqlite/src/util.lo ext/sqlite/libsqlite/src/vdbe.lo ext/sqlite/libsqlite/src/attach.lo ext/sqlite/libsqlite/src/btree_rb.lo ext/sqlite/libsqlite/src/pragma.lo ext/sqlite/libsqlite/src/vacuum.lo ext/sqlite/libsqlite/src/copy.lo ext/sqlite/libsqlite/src/vdbeaux.lo ext/sqlite/libsqlite/src/date.lo ext/sqlite/libsqlite/src/where.lo ext/sqlite/libsqlite/src/trigger.lo regex/regcomp.lo regex/regexec.lo regex/regerror.lo regex/regfree.lo ext/standard/array.lo ext/standard/base64.lo ext/standard/basic_functions.lo ext/standard/browscap.lo ext/standard/crc32.lo ext/standard/crypt.lo ext/standard/cyr_convert.lo ext/standard/datetime.lo ext/standard/dir.lo ext/standard/dl.lo ext/standard/dns.lo ext/standard/exec.lo ext/standard/file.lo ext/standard/filestat.lo ext/standard/flock_compat.lo ext/standard/formatted_print.lo ext/standard/fsock.lo ext/standard/head.lo ext/standard/html.lo ext/standard/image.lo ext/standard/info.lo ext/standard/iptc.lo ext/standard/lcg.lo ext/standard/link.lo ext/standard/mail.lo ext/standard/math.lo ext/standard/md5.lo ext/standard/metaphone.lo ext/standard/microtime.lo ext/standard/pack.lo ext/standard/pageinfo.lo ext/standard/parsedate.lo ext/standard/quot_print.lo ext/standard/rand.lo ext/standard/reg.lo ext/standard/soundex.lo ext/standard/string.lo ext/standard/scanf.lo ext/standard/syslog.lo ext/standard/type.lo ext/standard/uniqid.lo ext/standard/url.lo ext/standard/url_scanner.lo ext/standard/var.lo ext/standard/versioning.lo ext/standard/assert.lo ext/standard/strnatcmp.lo ext/standard/levenshtein.lo ext/standard/incomplete_class.lo ext/standard/url_scanner_ex.lo ext/standard/ftp_fopen_wrapper.lo ext/standard/http_fopen_wrapper.lo ext/standard/php_fopen_wrapper.lo ext/standard/credits.lo ext/standard/css.lo ext/standard/var_unserializer.lo ext/standard/ftok.lo ext/standard/sha1.lo ext/standard/user_filters.lo ext/standard/uuencode.lo ext/standard/filters.lo ext/standard/proc_open.lo ext/standard/sunfuncs.lo ext/standard/streamsfuncs.lo ext/standard/http.lo ext/tokenizer/tokenizer.lo TSRM/TSRM.lo TSRM/tsrm_strtok_r.lo TSRM/tsrm_virtual_cwd.lo main/main.lo main/snprintf.lo main/spprintf.lo main/php_sprintf.lo main/safe_mode.lo main/fopen_wrappers.lo main/alloca.lo main/php_scandir.lo main/php_ini.lo main/SAPI.lo main/rfc1867.lo main/php_content_types.lo main/strlcpy.lo main/strlcat.lo main/mergesort.lo main/reentrancy.lo main/php_variables.lo main/php_ticks.lo main/network.lo main/php_open_temporary_file.lo main/php_logos.lo main/output.lo main/streams/streams.lo main/streams/cast.lo main/streams/memory.lo main/streams/filter.lo main/streams/plain_wrapper.lo main/streams/userspace.lo main/streams/transports.lo main/streams/xp_socket.lo main/streams/mmap.lo Zend/zend_language_parser.lo Zend/zend_language_scanner.lo Zend/zend_ini_parser.lo Zend/zend_ini_scanner.lo Zend/zend_alloc.lo Zend/zend_compile.lo Zend/zend_constants.lo Zend/zend_dynamic_array.lo Zend/zend_execute_API.lo Zend/zend_highlight.lo Zend/zend_llist.lo Zend/zend_opcode.lo Zend/zend_operators.lo Zend/zend_ptr_stack.lo Zend/zend_stack.lo Zend/zend_variables.lo Zend/zend.lo Zend/zend_API.lo Zend/zend_extensions.lo Zend/zend_hash.lo Zend/zend_list.lo Zend/zend_indent.lo Zend/zend_builtin_functions.lo Zend/zend_sprintf.lo Zend/zend_ini.lo Zend/zend_qsort.lo Zend/zend_multibyte.lo Zend/zend_ts_hash.lo Zend/zend_stream.lo Zend/zend_iterators.lo Zend/zend_interfaces.lo Zend/zend_exceptions.lo Zend/zend_strtod.lo Zend/zend_objects.lo Zend/zend_object_handlers.lo Zend/zend_objects_API.lo Zend/zend_mm.lo Zend/zend_default_classes.lo Zend/zend_reflection_api.lo Zend/zend_execute.lo sapi/apache/sapi_apache.lo sapi/apache/mod_php5.lo sapi/apache/php_apache.lo main/internal_functions.lo -lcrypt -lcrypt -lmysqlclient -lssl -lcrypto -lresolv -lm -ldl -lnsl -lcrypt -lcrypt -o
/usr/lib64/gcc/x86_64-suse-linux/4.0.2/../../../../x86_64-suse-linux/bin/ld: /root/ispconfig/openssl/lib/libssl.a(s2_srvr.o): relocation R_X86_64_32 against `a local symbol' can not be used when making a shared object; recompile with -fPIC
/root/ispconfig/openssl/lib/libssl.a: could not read symbols: Bad value
collect2: ld returned 1 exit status
make: *** [] Error 1
ERROR: Could not make PHP
linux:/tmp/install_ispconfig #

From: at: 2005-09-19 07:22:19

Please post this in the forums -

From: admin at: 2005-09-19 07:48:33

Maybe these threads help you, it is not directly for SuSe10 but it shows you the direction of the problem. The ISPConfig installer has no x86_64 support yet, but with some small tweaks it will install on x86_64. Please post further questions to the forums.

From: at: 2005-09-19 18:59:53

Check BIOS settings.

Change BIOS setting for O/S = NO

Make sure when you exit the BIOS you save your changes.

Then try again.


From: at: 2005-09-19 12:15:06

This tutorial is absolutely outstanding, sir. Currently, I run a RH8 server with almost an identical setup.

The only major difference is that I use NAT, and DHCP both to recieve an IP address from Comcast (Argh...) and to send out addresses to my LAN. I also run sendmail, which I'm only moderately happy with. I built my server several years ago, and unfortunately haven't played with linux much since.

I'd like to rebuild from scratch, and this looks like a wonderful way to do it!

Several questions... How would I set up DHCP on eth1 (assuming eth0 is used to connect to the ISP) to send out internal LAN addresses? I'm sure it differs from when I did it years ago.

How do I set up routing so my LAN machines get internet access? What about security?

Any Samba tutorials that are as good as this one, screenshots and all?

And finally, do you have, or could you write a tutorial about a backup system, be it to tape, CD, or DVD also with screenshots? Most importantly, since I've never had to do it, I would love to see a step-by-step tutorial of the actual recovery process should a catastrophic failure occur.

Again, thanks for a great tutorial!!!


From: at: 2005-09-19 12:53:04

Please post this in the forums -

From: at: 2005-09-20 17:39:07

i install everything without errors but when i came to log into the ISPconfig interface i get the error.

Could not establish and encrypted connection because certificate presented by is invalid or corrupted. Error Code: -8182

thanx for your help in advance!

From: Anonymous at: 2005-10-11 11:14:55

I have the exact same error. This is something not right with the certificates I'd say. Would be nice to have some updated instructions..

From: Anonymous at: 2006-03-20 10:57:29

You can re-generate the ISPConfig SSL certificate like this:

openssl genrsa -des3 -passout pass:yourpassword -out /root/ispconfig/httpd/conf/ssl.key/server.key2 1024

openssl req -new -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.csr/server.csr -days 365

openssl req -x509 -passin pass:yourpassword -passout pass:yourpassword -key /root/ispconfig/httpd/conf/ssl.key/server.key2 -in /root/ispconfig/httpd/conf/ssl.csr/server.csr -out /root/ispconfig/httpd/conf/ssl.crt/server.crt -days 365

openssl rsa -passin pass:yourpassword -in /root/ispconfig/httpd/conf/ssl.key/server.key2 -out /root/ispconfig/httpd/conf/ssl.key/server.key

chmod 400 /root/ispconfig/httpd/conf/ssl.key/server.key

Then restart ISPConfig:

/etc/init.d/ispconfig_server restart


Josip Djuricic

From: Anonymous at: 2006-08-27 12:43:00

Thank you Josip. I had this problem and your solution worked first time for me.

From: Anonymous at: 2005-12-17 12:25:07