Hi, I'm really very new to SSL Certificates. I found out on this forum that there is finally an instance that provides SSL Certificates for the right price ... Free ! (http://www.cacert.org/) The thing is, I'm not really familiar with SSL Certs, so i signed up, added a domain to it but now I'm kind of stuck Could someone help me with a nice and short description of how what and when with these certificates Thanks a lot !
Just signed upto this myself and I am in the same situation... what to do with them... I will have a look over the next day or two and post anything I find out. Thanks
1) Enable SSL in your ISPConfig website and hit save. 2) Go to the new SSL tab in the website settings in ISPConfig, enter the certificate details and select create as action and click on the save button. Now you will have to wait about a minute. 4) Go to the SSL tab again, now there is a certificate signing request in the one field, use this request to create a certificate a cacert.org. 5) enter the certificate code you got from cacaert.org in the certificate field on the ssl tab in ispconfig, select "save certificate" as action an click on the save button.
Ok makes sense, but in terms of making the cert on cacert, I have added a domain but when I try and create a certificate you are asked to provide a CSR does anyone know what you need to enter in this part of the form and in what format. Thanks
Ok seems to work sort of... but the fact that you can only have one ssl per ip address is still the case ? Is there a way around this? Thanks
yes. No. This limitation is part of the SSL protocaol, so its neither a apache nor ispconfig limitation.
Hi Till ! Thanks again for such a great and fast response. Seems to be a problem with my ISPConfig tough, doesn't seem to create me the request code. where should I start debugging ? Kind regards Pieter
Any errors in /home/admispconfig/ispconfig/ispconfig.log? What's the output of Code: ls -la /root/ispconfig ?
Did you follow these steps? 1) Enable SSL in your ISPConfig website and hit save. 2) Go to the new SSL tab in the website settings in ISPConfig, enter the certificate details and select create as action and click on the save button. Now you will have to wait about a minute. 4) Go to the SSL tab again, now there is a certificate signing request in the one field, use this request to create a certificate a cacert.org. 5) enter the certificate code you got from cacaert.org in the certificate field on the ssl tab in ispconfig, select "save certificate" as action an click on the save button.
Yup. Looks like some errors but not sure what they mean. Code: 08.02.2007 - 13:43:17 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1888: cp -fr /etc/proftpd_ispconfig.conf /etc/proftpd_ispconfig.conf~ 08.02.2007 - 13:43:24 => INFO - Signalfile Set: insert 08.02.2007 - 13:43:28 => INFO - make_ssl_cnf /var/www/web4/ssl/openssl.cnf 08.02.2007 - 13:43:28 => WARN - /root/ispconfig/scripts/lib/config.lib.php, Line 1747: WARNING: could not openssl genrsa -des3 -rand /var/www/web4/ssl/random_file -passout pass:9193edc082a303a -out /var/www/web4/ssl/www.mysite.com.key.org 1024 && openssl req -new -passin pass:9193edc082a303a -passout pass:9193edc082a303a -key /var/www/web4/ssl/www.mysite.com.key.org -out /var/www/web4/ssl/www.mysite.com.csr -days 365 -config /var/www/web4/ssl/openssl.cnf && openssl req -x509 -passin pass:9193edc082a303a -passout pass:9193edc082a303a -key /var/www/web4/ssl/www.mysite.com.key.org -in /var/www/web4/ssl/www.mysite.com.csr -out /var/www/web4/ssl/www.mysite.com.crt -days 365 -config /var/www/web4/ssl/openssl.cnf && openssl rsa -passin pass:9193edc082a303a -in /var/www/web4/ssl/www.mysite.com.key.org -out /var/www/web4/ssl/www.mysite.com.key 08.02.2007 - 13:43:28 => WARN - WARNING: could not open file /var/www/web4/ssl/www.mysite.com.csr 08.02.2007 - 13:43:28 => WARN - WARNING: could not open file /var/www/web4/ssl/www.mysite.com.crt 08.02.2007 - 13:43:28 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 257: setquota -g web4 0 0 0 0 -a &> /dev/null 08.02.2007 - 13:43:28 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 258: setquota -T -g web4 604800 604800 -a &> /dev/null 08.02.2007 - 13:43:28 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 277: Connected successfully 08.02.2007 - 13:43:28 => INFO - USER: mysite.com_jess:x:10012:10004:Jessica:/var/www/web4:/bin/false 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 890: setquota -u mysite.com_jess 0 0 0 0 -a &> /dev/null 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 891: setquota -T -u mysite.com_jess 604800 604800 -a &> /dev/null 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 57: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web4/.forward 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 113: symlink /var/www/web4/Maildir 08.02.2007 - 13:43:29 => INFO - USER: mysite.com_aff:x:10022:10004:aff:/var/www/web4/user/mysite.com_aff:/bin/false 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 890: setquota -u mysite.com_aff 0 0 0 0 -a &> /dev/null 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 891: setquota -T -u mysite.com_aff 604800 604800 -a &> /dev/null 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 57: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web4/user/mysite.com_aff/.forward 08.02.2007 - 13:43:29 => INFO - USER: mysite.com_spam:x:10023:10004:spam:/var/www/web4/user/mysite.com_spam:/bin/false 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 890: setquota -u mysite.com_spam 0 0 0 0 -a &> /dev/null 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 891: setquota -T -u mysite.com_spam 604800 604800 -a &> /dev/null 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_procmail.lib.php, Line 57: cp -f /root/ispconfig/isp/conf/forward.master /var/www/web4/user/mysite.com_spam/.forward 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 137: cp -fr /etc/postfix/local-host-names /etc/postfix/local-host-names~ 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 284: cp -fr /etc/postfix/virtusertable /etc/postfix/virtusertable~ 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/classes/ispconfig_postfix.lib.php, Line 289: postmap hash:/etc/postfix/virtusertable 08.02.2007 - 13:43:29 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1230: cp -fr /etc/httpd/conf/vhosts/Vhosts_ispconfig.conf /etc/httpd/conf/vhosts/Vhosts_ispconfig.conf~ 08.02.2007 - 13:43:30 => INFO - /root/ispconfig/scripts/lib/config.lib.php, Line 1888: cp -fr /etc/proftpd_ispconfig.conf /etc/proftpd_ispconfig.conf and ispconfig directory looks like Code: [root@server ~]# ls -la /root/ispconfig total 104 drwxr-xr-x 9 root root 4096 Feb 8 10:51 . drwxr-x--- 6 root root 4096 Jan 6 15:36 .. -rwxr-xr-x 1 root root 33124 Dec 4 04:43 cronolog -rwxr-xr-x 1 root root 9673 Dec 4 04:43 cronosplit drwxr-xr-x 12 root root 4096 Dec 4 04:22 httpd drwxr-xr-x 12 root root 4096 Dec 4 04:43 isp -rw-r--r-- 1 root root 8 Feb 8 10:51 .old_path_httpd_root drwxr-xr-x 6 root root 4096 Dec 4 04:16 openssl drwxr-xr-x 6 root root 4096 Jan 16 16:14 php drwxr-xr-x 4 root root 4096 Dec 4 04:43 scripts drwxr-xr-x 4 root root 4096 Dec 4 04:43 standard_cgis drwxr-xr-x 2 root root 4096 Dec 4 04:43 sv -rwx------ 1 root root 9389 Dec 4 04:43 uninstall And yes, I am following steps correctly. Looks like some kind of openssl error but not sure what it means.
Sometimes it helps to restart ISPConfig or reboot the server. If that doesn't help, please post the output of Code: ls -la /var/www/web4/ssl
I have got exactly the same issue Hi All! Atm im having exactly the same problem, on an ubuntu 6.06 perfect + ISPC, followed the info, got same errormessage, after creating ssl cert in ISPC. Output from Code: ls -la /var/www/web4/ssl ls -la /var/www/web4/ssl total 12 drwxr-xr-x 2 web4_user web4 4096 2007-02-12 11:31 . drwxr-xr-x 9 web4_user web4 4096 2007-02-12 11:31 .. -r-------- 1 root root 0 2007-02-01 16:47 .no_delete -rw-r--r-- 1 root root 963 2007-02-12 11:45 www.mysite.com.key.org This is the file with the private part of the key. btw, thanks for making the howto's
Attempted and no difference. Here's results. Code: total 12 drwxr-xr-x 2 mysite.com_me web4 4096 Feb 8 13:43 . drwxr-xr-x 11 mysite.com_me web4 4096 Feb 8 13:43 .. -r-------- 1 root root 0 Dec 14 06:15 .no_delete -rw-r--r-- 1 root root 963 Feb 8 13:43 www.mysite.com.key.org
Daisy: Please execute this command as root user: Code: openssl genrsa -des3 -rand /var/www/web4/ssl/random_file -passout pass:9193edc082a303a -out /var/www/web4/ssl/www.mysite.com.key.org 1024 && openssl req -new -passin pass:9193edc082a303a -passout pass:9193edc082a303a -key /var/www/web4/ssl/www.mysite.com.key.org -out /var/www/web4/ssl/www.mysite.com.csr -days 365 -config /var/www/web4/ssl/openssl.cnf && openssl req -x509 -passin pass:9193edc082a303a -passout pass:9193edc082a303a -key /var/www/web4/ssl/www.mysite.com.key.org -in /var/www/web4/ssl/www.mysite.com.csr -out /var/www/web4/ssl/www.mysite.com.crt -days 365 -config /var/www/web4/ssl/openssl.cnf && openssl rsa -passin pass:9193edc082a303a -in /var/www/web4/ssl/www.mysite.com.key.org -out /var/www/web4/ssl/www.mysite.com.key Do you get any error message?
Yes I get an error I get this error: Code: 0 semi-random bytes loaded Generating RSA private key, 1024 bit long modulus ................++++++ ..++++++ e is 65537 (0x10001) error on line -1 of /var/www/web4/ssl/openssl.cnf 22010:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/var/www/web4/ssl/openssl.cnf','rb') 22010:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125: 22010:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:
I got this. Code: 0 semi-random bytes loaded Generating RSA private key, 1024 bit long modulus ......++++++ .............................................++++++ e is 65537 (0x10001) error on line -1 of /var/www/web4/ssl/openssl.cnf 12653:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/var/www/web4/ssl/openssl.cnf','rb') 12653:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125: 12653:error:0E078072:configuration file routines:DEF_LOAD:no such file:conf_def.c:197:
Please create the file /var/www/web4/ssl/openssl.cnf (e.g. like this): Code: RANDFILE = $ENV::HOME/.rnd [ req ] default_bits = 1024 default_keyfile = keyfile.pem distinguished_name = req_distinguished_name attributes = req_attributes prompt = no output_password = some_password [ req_distinguished_name ] C = DE Lower Saxony L = Lueneburg O = Example, Ltd. IT CN = example.com emailAddress = [email protected] [ req_attributes ] challengePassword = A challenge password Then run the command again. Any errors then?