I have a fresh install of ISPconfig on CentOS 4 I install an SSL certificate for my site and I went to restart apache. Apache will not start if I have the SSL enabled for the site. Here is the output from the error log: Code: [Fri Aug 08 11:29:04 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:09 2008] [notice] caught SIGTERM, shutting down [Fri Aug 08 11:29:10 2008] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Fri Aug 08 11:29:10 2008] [notice] Digest: generating secret for digest authentication ... [Fri Aug 08 11:29:10 2008] [notice] Digest: done [Fri Aug 08 11:29:10 2008] [notice] Apache/2.0.52 (CentOS) configured -- resuming normal operations [Fri Aug 08 11:29:15 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:15 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:20 2008] [notice] SIGHUP received. Attempting to restart [Fri Aug 08 11:29:20 2008] [notice] Digest: generating secret for digest authentication ... [Fri Aug 08 11:29:20 2008] [notice] Digest: done [Fri Aug 08 11:29:22 2008] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Fri Aug 08 11:29:23 2008] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Fri Aug 08 11:29:42 2008] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Fri Aug 08 11:29:43 2008] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Fri Aug 08 11:29:43 2008] [notice] Digest: generating secret for digest authentication ... [Fri Aug 08 11:29:43 2008] [notice] Digest: done [Fri Aug 08 11:29:44 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:44 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:44 2008] [notice] Apache/2.0.52 (CentOS) configured -- resuming normal operations [Fri Aug 08 11:29:45 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:45 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:46 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:46 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:48 2008] [error] an unknown filter was not added: PHP [Fri Aug 08 11:29:48 2008] [error] an unknown filter was not added: PHP
Take a look here: http://www.howtoforge.com/forums/showthread.php?t=15273&highlight=$go_info["server"]["apache2_php"] Are there any errors in the SSL error log?
Thank you That did it. I still seem to be having an issue with the certificate though. If I try to go to https://mydomain.com, I get a invalid security certificate warning. I went through the install process several times in ISPconfig,but it doesn't seem to make a difference. It seems to be pulling the self-signed certificate, not the one I bought from Godaddy. How to I change the server config so that the IP is not shared and so it will use the specific certificate?
Well I spoke too soon. Code: $go_info["server"]["apache2_php"] = 'both'; to: $go_info["server"]["apache2_php"] = 'addtype'; Worked for a while, but I had to restart apache after changing my php.ini file and now my site won't load if I check SSL. I rechecked the config.inc.php file and it hasn't changed. Is there any hope for ISPconfig supporting SSL? I really like it but I need SSL support.
What a question ISPConfig supports SSL, otherwise there were not the SSL checkboxes. Please post the exact error messages that you get in the error log of the website when you turn on SSL.
Yes, please look in the gloabl apache error log and in the error log of the website which is inside of the log directory in the website root.
Well I figured out from the log why the site wouldn't come up with ssl enabled. There was a private key mismatch error, so I deleted the certificate. I redid the entire SSL process outlined here: http://www.ispconfig.org/downloads/manual_en/manual_kunde_en_src.htm#4_2_4 But I still get: Secure Connection Failed www.alohabroadband.com uses an invalid security certificate. The certificate is not trusted because it is self signed. (Error code: sec_error_ca_cert_invalid) In Firefox, when I click to add exception and view the certificate, it is not the one I installed from GoDaddy. Is it pulling the certificate from a different place? The cert in my /ssl directory matches exactly the cert from Godaddy. Hmm... any help is appreciated.
That link says the exact same thing as the link I posted above. http://www.ispconfig.org/downloads/manual_en/manual_kunde_en_src.htm#4_2_4
Please do the steps exactly in the order as described there. You created a new certificate request and certificate already, that is fine. Now take this certificate request and login at godaddy and let it sign, then copy this new ssl certificate that must be based on the csr created by ispconfig back to your ispconfig server. The mistake you made the first time was that the ssl certificate you used from godaddy was not based on the csr created by ispconfig.
But I have followed these steps exactly about 10 times. The certificate from godaddy is on my server in the web1/ssl directory. But when I go to https://mydomain.com, I the certificate that is being pulled is a self signed cert. I can't even find the self-signed cert on my server, but the godaddy one is right in my SSL. Does it have anything to do with the fact that the IP is shared? There is no where is ISPconfig to set a private IP address.
Ok, it worked this time. I had to restart ISPconfig in order for it to be recognized. The instructions didn't say anything about restarting ISPconfig, so someone may think about adding that. Thanks...
There are a lot of posts about this but none from the beginning, so I'm still really confused. I bought an SSL certificate from godaddy. I enabled SSL on the website I want to be secure, gave godaddy the top portion of text, and they gave me two files: 1) gd_bundle.crt 2) www.mydomain.com.crt ...with the following instructions for installing the certificate: Code: Open the Apache ssl.conf file and add the following directives: SSLCertificateFile /path to certificate file/your issued certificate SSLCertificateKeyFile /path to key file/your key file SSLCertificateChainFile /path to intermediate certificate/null Save your ssl.conf file and restart Apache. I basically ignored these instructions and uploaded the two files they gave me to the site's SSL directory. I then added the following to the directives space on the website: Code: SSLCertificateChainFile/var/www/web#/ssl/gd_intermediate_bundle.crt Am I missing something? It still fails when I try and restart apache. Can it use the same IP address as everything else on the server? PLEASE help. This is driving me nuts.
