Hi there, Fairly long term ispconfig 3 user. Had great success on ubuntu/LAMP stack. Recently I relocated servers and started afresh. Decided to go with nginx. Follow your guide (ubuntu 12.04, nginx, ispconfig 3). It mostly seems to work except having real issues with the ssl directives. Seems the interface doesn't want to put in the relevant SSL directives in vhost IP:443 etc etc. None of the ssl sections in the templates are inserted. I've tried restarting, creating new sites with various combinations but alas no ssl. Is this an open bug or should I just go hack my vhosts manually? THanks. Nik
Are there vhost files in /etc/nginx/sites-available/ that end with the extension .err? There's no such bug, and SSL has always been working fine for me. I guess it's a problem with your setup.
Thanks for the reply, no err files were created, it just seems to ignore the SSL checkbox. Is there any log file I can go check? I've checked the cron.log, nothing there, ispconfig.log is empty. Nothing abnormal in syslog. Strangest thing. I can confirm that the ssl value in the web_domain table is getting correctly updated so I assume it's downstream from there.
Update: Figured out how to stick ispconfig in debug and manually execute server.sh. Here's the output when I ENABLE SSL. Looks like it's evidently tripping up. 04.02.2013-17:39 - DEBUG - Set Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock 04.02.2013-17:39 - DEBUG - Found 1 changes, starting update process. 04.02.2013-17:39 - DEBUG - Calling function 'ssl' from plugin 'nginx_plugin' raised by event 'web_domain_update'. 04.02.2013-17:39 - DEBUG - Calling function 'update' from plugin 'nginx_plugin' raised by event 'web_domain_update'. 04.02.2013-17:39 - DEBUG - exec: chmod 751 /var/www/clients/client6/web16 04.02.2013-17:39 - DEBUG - exec: chmod 751 /var/www/clients/client6/web16/* 04.02.2013-17:39 - DEBUG - exec: chmod 710 /var/www/clients/client6/web16/web 04.02.2013-17:39 - DEBUG - exec: chmod 777 /var/www/clients/client6/web16/tmp 04.02.2013-17:39 - DEBUG - exec: chmod 755 /var/www/clients/client6/web16/log 04.02.2013-17:39 - DEBUG - exec: usermod --groups sshusers web16 04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16 04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/cgi-bin 04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/log 04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/ssl 04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/tmp 04.02.2013-17:39 - DEBUG - exec: chown -R web16:client6 /var/www/clients/client6/web16/web 04.02.2013-17:39 - DEBUG - exec: chown web16:client6 /var/www/clients/client6/web16/log/error.log 04.02.2013-17:39 - DEBUG - SSL Disabled. shop.dasilvamotorsport.com 04.02.2013-17:39 - DEBUG - Writing the vhost file: /etc/nginx/sites-available/shop.dasilvamotorsport.com.vhost 04.02.2013-17:39 - DEBUG - Writing the PHP-FPM config file: /etc/php5/fpm/pool.d/web16.conf 04.02.2013-17:39 - DEBUG - nginx status is: 1 04.02.2013-17:39 - DEBUG - Calling function 'restartHttpd' from module 'web_module'. 04.02.2013-17:40 - DEBUG - nginx online status after restart is: 1 04.02.2013-17:40 - DEBUG - Processed datalog_id 126 04.02.2013-17:40 - DEBUG - Remove Lock: /usr/local/ispconfig/server/temp/.ispconfig_lock So it's seeing the update but not reading the SSL flag in the web_domain table. The flag is correctly set there at least.
OK, figured it out. It seems nginx_plugin.inc.php is not only checking for the SSL enabled flag, it also checks for 3 cert files in the vhost/ssl path. Once you put them in it will actually enable SSL. Personally I think this check is overkill and a little confusing but I guess it is what it is. At least we have an ssl vhost directive now. Now my bigger issue is that for my 2 SSL (dedicated IP hosts) I'm getting Error 500 on https and http. It appears unrelated to ssl.
This check is necessary because if you put SSL directives in the vhost, but nginx cannot find the SSL files, it will refuse to start.
