Hi there everyone, Im running ISPConfig perfect Setup on Debian etch and when I enable SSL on a site the Vhosts_ispconfig.conf file doesn't change at all (and thus addressing it with https:// gives me an ugly looking error message). This could be related to me enabling TLS extensions following this howto: http://howtoforge.com/enable-multiple-https-sites-on-one-ip-using-tls-extensions-on-debian-etch However nobody seems to have had this sort of problem after following the instructions there... could it be that something veeery important changed in the last version (Im running 2.2.19 and the howto is for 2.2.18 i think, maybe even earlier) so that the howto doesn't work like it is?
ok I did some research and found following in the ispconfig log: Code: INFO - make_ssl_cnf /home/www/web19/ssl/openssl.cnf followed by the very long command that generates the ssl certificates and the information that it fails because there is no .../openssl.cnf. So my guess would be that make_ssl_cnf fails and this is the whole problem with my ssl sites. However i didn't find a make_ssl_cnf function in the ispconfig php-s (i used grep) and there doesn't seem to be a command by that name either. So where is it? In the ispconfig daemon? And what could be its problem? Thanks
openssl.cnf is created on the fly and instantly deleted after the cert has been created. You can find the function in /root/ispconfig/scripts/lib/config.lib.php.
Yeey I got it to work, thanks Falko. The problem was that openssl refused to generate certificates if the country, city and organisation fields in the ispconfig form are left empty. Since ispconfig doesn't complain about those empty fields I would guess that the openssl version in etch doesn't take it so seriously either and this whole misbehaviour is due to the newer openssl I had to use for the TLS extensions thingy. I could hack around a bit in the config.lib.php to correct this minor issue, but first I've got to go get some sleep Thanks again for the help and thanks even more for writing such a great piece of software and releasing it open source! I recently rented a dedicated server together with 9 friends and ISPconfig is absolutely running things for us. Keep it up
