Hello all, I have a fresh CentOS 7.2 install with ISPConfig 3.1. Webserver is running fine etc, but when I go to the https for my site, it only shows me the Apache welcome page. What could be the problem? Thanks in advance!!
It seems that when you go to the https of the same site as http, that it looks in the root html dir: /var/www/html While it should look into the same folder as the normal http.
This means that https is not enabled for that site or bo valid ssl cert has been created for the site yet.
Check the ip address you have set for your sites, and don't mix '*' with the actual shared ip address (use one or the other).
It worked before but I re-installed the server and now https is working for the ISPConfig admin page on port 8080, but it's not working anymore for the website. All SSL is enabled and csr, key and bundle correct at the config page.
When I remove the SSL option from the site, I get the bad cert warning and when I add an exception, it shows me the website with https but without cert (so what you expect it would do). When I enable the SSL option, it also shows me the bad cert warning but when I add an exception, it shows me the webserver root apache welcome page (Testing 123...)
After a little more digging in the error logs: [Thu Sep 22 16:15:26.794039 2016] [ssl:warn] [pid 11447] AH01909: RSA certificate configured for my.fqdn.eu:443 does NOT include an ID which matches the server name
Changing the virtualhost in my .vhost file from *:443 to my.fqdn.eu:443 makes it show the website but still with an error. Checking the cert its trying to use it says my in the common name instead of my.fqdn.eu
If it's self-signed, regenerate the certificate. If it's purchased I don't think I've ever come across that. Maybe my.fqdn.eu is present in a SAN?
It's not a self-signed. I don't understand why it worked perfectly before I re-installed the server, and now the cert is working fine for https://my.fqdn.eu:8080 (ISPConfig admin page) while it is not working for https://my.fqdn.eu And why would https://my.fqdn.eu show the apache welcome page: While http://my.fqdn.eu shows me the website like it should do?
The ispconfig vhost on port 80 is not related to the other one on port 80, so that one works and the other one not means nothing. Back to your original problem: apache will show the default vhost when there is no better matching vhost, this means that it will be shown when there is no vhost for this domain on port 443 with a matching IP (or *). 1) Ensure that my.fqdn.eu is not the server hostname. The server hostname points to the default vhost. 2) Check that you enabled the SSL checkbox on the first tab of the website in ispconfig. 3) Check that you entered the correct data into the SSL key field and SSL cert field (the data of your official SSL cert). The key and cert must match! 4) select "save certificate" on the ssl tab and press the save button, then wait 1 minute until the change got applied.
Thanks for your fast reply!! 1) The my.fqdn.eu IS the server hostname but this also worked before, I can try to change this if needed. 2) This SSL box is checked. 3) This is all correct. 4) I did this like it should be done
I changed the hostname and rebooted the server, same issue. This is showing on the https://my.fqdn.eu:8080 And this is showing on https://my.fqdn.eu
Did you have a look into the apache vhost file of the website to see if it contains a vhost portion for port 80 and one for the ssl port 443? If you need help by remote login then you should consider to contact Florian Schaal from ISPConfig business support http://www.ispconfig.org/get-support/?type=ispconfig
Yeah that's the strange thing, is has both *:80 and *:443 in the vhost file. Again doing a server re-install at the moment with a different hostname etc. so I'll let you know what my findings are.
Installed and configured a new server with a new hostname etc. Got the SSL working for both ISPConfig 8080 and normal website Will try to enable SSL now for postfix etc.