Hi Guys, I'm a new memeber here and this is my first post. I'm sure this site is as good as it's product, ISPConfig!. I'm having a problem with my server. My server is a CentOS 6.3 box with ISPConfig 3.0.4.6 installed, with Apache and Dovecot. I installed an SSL certificate from GoDaddy to use with my site, breezee.com, and the email that we're using with it. Both works more than fine. Suddenly, I can't login to ISPconfig interface. I was able to login to it for a while after installing the ssl certs and done security stuff with both webserver and mail server, but since yesterday I can't anymore. I tried many things and after restarting I get this error: (Error code: ssl_error_rx_record_too_long) Now I did (update.php) again and made sure that all files are referenced to correctly but still no help. I just don't know what could be the cause of this sudden problem as everything was running normal. Any help please ? Regards, Kareem.
The ssl certificate is either broken or does not exist. Are you able to access ispconfig with http ( not https) on port 8080?
Hi, Thank you for your reply. The system was working fine for more than a week, I used to login everyday to check status and logs from ISPConfig interface. This started yesterday suddenly. I can't login to http interface too. Btw, after reboot the SSL error above shows for a while, then after that the error doesn't show again and the page keeps loading for a while until it says: "The connection to breezee.com:8080 was interrupted while the page was loading." When the SSL error is showing and I try http://breezee.com:8080 it tells me that I can't use a proxy or something like that, but when the ssl error is not showing and it's taking a while to load then the http page takes a while to load without any output too. I'm using the same SSL certificate for the site and for ISPconfig, if you go to https://breezee.com and http://breezee.com everything works fire and you can see the certificate data. Shouldn't that mean that the SSL certificate is working fine ? Kareem.
Something is wrong with the ssl cert of the ispconfig vhost when you get this error. Please run the ispconfig update.php script again, when the updater asks you to create new ssl certificates for the ispconfig interface, then choose yes.
But that would change the key and csr files which is tied to the SSL certificate that I'm using which is not an ISPconfig issued one, right ?
Yes. But as your current ssl setup is broken so the best way to get it working again is to recreate the certs. If it is working again, you can try to restore the signed ssl certs to see which of the files is not ok.
Hi, Just did full update.php, nothing works now . Question, GoDaddy gives two files for SSL, one is the certificate_file.crt and the other one is gd_bundle.crt. Do I need to reference both of them in the config files for httpd, postfix, dovecot ? Also, do I need to reference the key file which the certs were created with?, I used the one in /usr/local/ispconfig/interface/ssl/ispserver.key to create my GoDaddy cert. Kareem.
I managed to restore the email service and the site, I created new cert files for ISPconfig different from the ones I'm using for my site and I reference to them, still can't login to ISPConfig interface!
This should give you the idea: http://www.howtoforge.com/securing-...h-a-free-class1-ssl-certificate-from-startssl
Hi Falko thanks for replying. I followed this guide to create my certificate in the first place, the only difference is I'm using GoDaddy SSL certificate. All services, postfix, dovecot, httpd are working fine with breezee mail and site, the only problem is the ispconfig interface. Everything is referenced or symlinked to the same keys and keychain file (which in this case is the gd_bundle.crt downloaded with breezee.com.crt from GoDaddy) Why would it give the ssl error the first while at boot and then after around 15 mins it doesn't give this error and keeps loading trying to connect until it times out without any output or error, I don't know. The other thing is that it was running normal for more than a week and used to login it to the interface everyday to check the Quota numbers, what broke it suddenly, I don't know. I'm not sure what else I can do to try and fix it, I know when it's resolved (hopefully ofcourse) it might be a very simple thing I'm missing somehwere. Kareem.
I just rememeber that during that installation of the server withe the guide (http://www.howtoforge.com/perfect-server-centos-6.3-x86_64-apache2-dovecot-ispconfig-3), wget mod_ruby didn't work because that file is not there any more. So I googled where I can fine mod_ruby-1.3.0.tar.gz with a direct link to wget it and I found one on http://ftp.riken.go.jp/pub/FreeBSD/distfiles/ruby/, do you think this might have something to do with it? Also, in your guide, adding a ca file to the dovect is not as it's done now because when that's used and you restart it, it will advise to use: ssl_ca = <file
I found out that I can't access the system from my internet at home, something is blocking me. I tried from somewhere else it works fine. It only blocks me to access ISPconfig interface, what could it be? Kareem.
I don't know what is blocking my access to port 8080. I turned iptables and fail2ban off with no help. I changed the port that ISPConfig listens to and now it works. I still have to findout what is blocking me from accessing that specific port from home! Hope you have an idea where I can look and thank you all very much for all your help.
