I'm having problems with setting up SSL for a site I have SSL available and have created a self signed cert for the site in the SSL tab. When visiting https://www.domain.com I get an "SSL connection error" in the browser. Watching /var/log/apache2/error.log I can see the following whenever I refresh the browser: Code: [error] [client xx.xx.xx.xx] client denied by server configuration: /var/www/ Any ideas where I've gone wrong?
Thanks till. Yes, there is a .err vhost in the sites-available dir. Do I need to remove it, delete the ssl cert and try again?
You can leave the .err file, it gets removed by ispconfig. Deleting the ssl cert and creating a new one is the right procedure.
On the SSL tab, I selected "Delete certificate" then hit save. Watched the apache log and when apache restarted few minutes later went back to the SSL tab, selected "Create certificate" and hit save. Waited for apache to restart again and visited the https site. Same error. Anything else I should check? EDIT... Also notice that there are a load of .err files in /var/www/domain.com/ssl too.
The most likely reason is that you neterd details in the openssl fields (name, etc.) that openssl does not understand and therefor it fails to create the ssl cert. If you eneterd any special chars in these fileds. then please remove them.
There must be something in there that openssl dont like, otherwise you wont get .err files. If you like to debug the ssl cert creation, then take a look here: http://www.faqforge.com/linux/debugging-ispconfig-3-server-actions-in-case-of-a-failure/
Ok. Deleted the SSL cert. Ran server.sh manually with no errors. Created SSL cert. Ran server.sh manually and got this output: Code: /usr/local/ispconfig/server/server.sh 128032 semi-random bytes loaded Generating RSA private key, 2048 bit long modulus ..................+++ ........................................+++ e is 65537 (0x10001) writing RSA key finished. I can't see a problem there.
thats ok. and the new files are still saved with .err ending? Try this: rename the vhost file to vhost.bak and then rename the vhost.err file to .vhost and then try to restart apache. it will most likely fail, but it will show you the error message.
Got it. Code: Syntax error on line 158 of /etc/apache2/sites-enabled/100-domain.com.vhost: RewriteBase: only valid in per-directory config files Action 'restart' failed. The Apache error log may have more information. I had a "RewriteBase \" in the "Apache Directives" section for the site. Thanks for persisting Till!