Hello, I added this to bugtracker, adding ssl certificates can make ispconfig stop Working (Apache), if certificate has some error, apache will stop and you have to remove manualy(ssh) from vhost to restore the normal ispconfig service.
SSL Bug is this a bad question? Hello i did´t get any anwser for this, i assume that if ispconfig stops working from a faulty ssl certificate(added normaly from ispconfig) is not a bug then. My ssl is working i dont need any help. Thank you.
Since you've added this to the bugtracker, we will review this, but I don't think it's a bug in ISPConfig if there's a problem with the certificate.
Yes is a problem with certificate but ispconfig dont work after. And If it cant be verified is a big problem for webmasters that not know what to do. If we give the final client the permissions to add a certificate, that will make ispconfig server stop working for all clients.
ISPConfig tests if a ssl cert get created. Also apache is not complaining about a invalid cert if you test the apache config with "httpd -t", so there are not many options for ispconfig to find yout if a ssl cert works or not. If ispconfig restarts for apache to test if it works for every website and every change, your server might get restarted several times a minute which will bring your sites down as well. I guess the only usable option might be to disable the ssl settings for clients, so that only the admin can add ssl certs. What exactly did you enter into the cert feilds that make apache fail?
I add the same, ispconfig creates multiple files when i save the ssl with new values. generates ssl for domain and other for subdomain (www.domain and domain). if is the same domain and the certificates are clones why apache crashes ? Maybe the problem is on certificate type ? I use a Turbo ssl. Just a question, this type of certificate validates on browser, but does not make the browser url green. do you know if thats normal ? Thanks.
ISPConfig creates just one ssl cert for the domain or subdomain that you selected on the ssl tab. The other files are the csr and the key. Have you checked the ssl log? This is a proposal for a possible new feature. At the moment you can get the same result by creating the new website as admin for the client and do not enable the ssl checkbox. Clients can not enable ssl then as a client can not change a setting on the first website tab if the website had been created by the administrator.
The only errors that i have found. [Sat Apr 03 01:34:05 2010] [error] Unable to configure RSA server private key [Sat Apr 03 01:34:05 2010] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
SSL library error Same error. A Debian5/ispconfig3.0.2.1 working fine until yesterday morning. since apache fail to start. I've installed a new server. all ok until I past the rapidssl cert for one of my website. Apache fail to start : "Unabled to configure RSA server private key..." I delete the configuration of the cert in the vhost file and apache can start. No problem with the auto generated cert. what's wrong?
