ISPconfig fails to load webpage

Discussion in 'HOWTO-Related Questions' started by kyferez, Jul 5, 2017.

  1. kyferez

    kyferez Member

    I have followed your CentOS 7.2 guide (howtoforge . com /tutorial/perfect-server-centos-7-2-apache-mysql-php-pureftpd-postfix-dovecot-and-ispconfig) and everything went fine.

    However when I load https :// 10.25.252.157:8080, I was getting the Apache test page. I commented out the /etc/httpd/conf.d/welcome.conf lines and restarted Apache. Now I get a directory listing instead of any page. If I try to go to https :// 10.25.252.157:8080/ispconfig then I get a 404 error.

    Here's my Vservers loaded, which were all created during the install and I haven't modified:
    Code:
     httpd -S
    AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/httpd/conf/httpd.conf:356
    VirtualHost configuration:
    *:443                  s2.tg2.local (/etc/httpd/conf.d/ssl.conf:56)
    *:8081                 s2.tg2.local (/etc/httpd/conf/sites-enabled/000-apps.vhost:9)
    *:8080                 s2.tg2.local (/etc/httpd/conf/sites-enabled/000-ispconfig.vhost:9)
    ServerRoot: "/etc/httpd"
    Main DocumentRoot: "/var/www/html"
    Main ErrorLog: "/etc/httpd/logs/error_log"
    Mutex authdigest-opaque: using_defaults
    Mutex proxy-balancer-shm: using_defaults
    Mutex rewrite-map: using_defaults
    Mutex authdigest-client: using_defaults
    Mutex ssl-stapling: using_defaults
    Mutex proxy: using_defaults
    Mutex authn-socache: using_defaults
    Mutex ssl-cache: using_defaults
    Mutex default: dir="/run/httpd/" mechanism=default
    Mutex mpm-accept: using_defaults
    PidFile: "/run/httpd/httpd.pid"
    Define: DUMP_VHOSTS
    Define: DUMP_RUN_CFG
    User: name="apache" id=48
    Group: name="apache" id=48
    
    Here's a tail of the various logs when attempting to access ispconfig:
    Code:
    [root@s2 install]# tail -f /var/log/httpd/error_log
    [Wed Jul 05 16:16:22.680033 2017] [ssl:warn] [pid 10710] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
    [Wed Jul 05 16:16:22.744634 2017] [auth_digest:notice] [pid 10710] AH01757: generating secret for digest authentication ...
    [Wed Jul 05 16:16:22.746180 2017] [lbmethod_heartbeat:notice] [pid 10710] AH02282: No slotmem from mod_heartmonitor
    [Wed Jul 05 16:16:22.747798 2017] [ssl:error] [pid 10710] AH02217: ssl_stapling_init_cert: Can't retrieve issuer certificate!
    [Wed Jul 05 16:16:22.747814 2017] [ssl:error] [pid 10710] AH02235: Unable to configure server certificate for stapling
    [Wed Jul 05 16:16:22.747832 2017] [ssl:warn] [pid 10710] AH01906: RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
    [Wed Jul 05 16:16:22.832909 2017] [:notice] [pid 10710] mod_python: Creating 8 session mutexes based on 256 max processes and 0 max threads.
    [Wed Jul 05 16:16:22.832953 2017] [:notice] [pid 10710] mod_python: using mutex_directory /tmp
    [Wed Jul 05 16:16:22.864171 2017] [mpm_prefork:notice] [pid 10710] AH00163: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips PHP/5.4.16 mod_python/3.5.0- Python/2.7.5 configured -- resuming normal operations
    [Wed Jul 05 16:16:22.864239 2017] [core:notice] [pid 10710] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
    ^C
    [root@s2 install]# tail -f /var/log/httpd/ssl_access_log
    ^C
    [root@s2 install]# tail -f /var/log/httpd/ssl_error_log
    [Wed Jul 05 16:01:04.059075 2017] [ssl:warn] [pid 28315] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:01:04.112871 2017] [ssl:warn] [pid 28315] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:01:31.254767 2017] [ssl:warn] [pid 28336] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:01:31.300737 2017] [ssl:warn] [pid 28336] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:05:16.333669 2017] [ssl:warn] [pid 29538] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:05:16.444901 2017] [ssl:warn] [pid 29538] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:13:05.396721 2017] [ssl:warn] [pid 9524] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:13:05.444882 2017] [ssl:warn] [pid 9524] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:16:22.680535 2017] [ssl:warn] [pid 10710] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    [Wed Jul 05 16:16:22.748352 2017] [ssl:warn] [pid 10710] AH01909: RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    ^[[A^[[A^C
    [root@s2 install]# tail -f /var/log/httpd/ssl_request_log
    ^C
    [root@s2 install]# tail -f /var/log/httpd/access_log
    ::1 - - [05/Jul/2017:16:15:02 -0400] "GET / HTTP/1.1" 200 481 "-" "Mozilla/5.0 (ISPConfig monitor)"
    10.13.72.23 - - [05/Jul/2017:16:16:30 -0400] "GET / HTTP/1.1" 200 481 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0"
    ::1 - - [05/Jul/2017:16:20:01 -0400] "GET / HTTP/1.1" 200 481 "-" "Mozilla/5.0 (ISPConfig monitor)"
    10.13.72.23 - - [05/Jul/2017:16:21:08 -0400] "GET /ispconfig HTTP/1.1" 404 207 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0"
    ::1 - - [05/Jul/2017:16:25:01 -0400] "GET / HTTP/1.1" 200 481 "-" "Mozilla/5.0 (ISPConfig monitor)"
    ::1 - - [05/Jul/2017:16:30:02 -0400] "GET / HTTP/1.1" 200 481 "-" "Mozilla/5.0 (ISPConfig monitor)"
    10.13.72.23 - - [05/Jul/2017:16:32:45 -0400] "GET /ispconfig HTTP/1.1" 404 207 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0"
    10.13.72.23 - - [05/Jul/2017:16:32:47 -0400] "GET /ispconfig HTTP/1.1" 404 207 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0"
    10.13.72.23 - - [05/Jul/2017:16:32:50 -0400] "GET / HTTP/1.1" 200 481 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; rv:54.0) Gecko/20100101 Firefox/54.0"
    ::1 - - [05/Jul/2017:16:35:02 -0400] "GET / HTTP/1.1" 200 481 "-" "Mozilla/5.0 (ISPConfig monitor)"
    
    I'd LOVE some help. This is the 2nd time I've tried to configure a server to use ISPconfig and hit this exact same issue on different servers. Both were a CentOS 7 variant.
     
  2. Tuumke

    Tuumke Active Member

    Is this for private use internally?
    If not, did you change hostnames etc before setting ISPC?
     
  3. kyferez

    kyferez Member

    yes, it's for internal use only.

    Any other ideas? I suspect the VHost isn't working properly on Cent as this is the 2nd time I've run through these guides (first was on Cent 7 second 7.2) and had the same issue.
     
    Last edited: Jul 6, 2017
  4. Tuumke

    Tuumke Active Member

    RSA certificate configured for s2.tg2.local:443 does NOT include an ID which matches the server name
    hostname -f does probably not match s2.tg2.local (i think something like that is the issue)
     
  5. kyferez

    kyferez Member

    Thanks. Where can we set ISPconfig to use HTTP? At this point I just want to take as much complexity out of the config as possible.
     
  6. kyferez

    kyferez Member

    These guides never work 100%. HowToForge should have 3rd parties test the guides using ISO installs before publishing them. Just look at all the comments stating clear fixes that had to be done before certain steps would succeed.
     
  7. Tuumke

    Tuumke Active Member

    It's not the guides. Those are alright. It's how you use the guides.
    During setup, you get asked if you want to enable/force https. If you dont read whay you are doing, it's not the guides fault.

    Should have pressed N at this point.
    Not sure how to change afterwards, if its a config settings or that you need to re-run the installer and reconfigure services.
    Maybe @till or @sjau can answer this?
     
    Last edited: Jul 10, 2017
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    The only way to remove SSL from ISPConfig login is to edit the ispconfig.vhost file and comment out the SSL lines, then restart apache.

    The guides are fine and get tested regularly, they work by blindly copy/pasting the commands. As @Tuumke pointed out, the problem are not in the tutorials. What users post below the tutorials are either mistakes they made during install or changes that are required due to their use of different base systems or by starting from an unclean basis. Another source of problems happen diue to replacement of software, and the commenters do not mention that. I just recently had a user who complained that the Debian 9 perfect server is not working and the reason for his problems was that he had replaced MariaDB with MySQL 5.7 which resulted in different config file locations and different questions from apt during install of phpmyadmin and roundcube.
     
    ahrasis likes this.
  9. kyferez

    kyferez Member

    till,
    From Tuumke, where he mentioned this step: "Do you want a secure (SSL) connection to the ISPConfig web interface (y,n) [y]: <-- Hit Enter" it clearly says HIT Enter. This is Clearly a Default to Yes when you hit enter. So telling me the guides are correct and stating I should hit No there is contradictory. So is the guide right or is Tuumke?

    Also, I did just Copy and Paste the guides. NO changes. Twice. It doesn't work.

    Also, there is a missing command in step 13, which I commented about: Step 13. If you get an error during "./configure" then run this command: "yum install httpd-devel" (which is an easier solution than what another commenter said to do).

    So ya, the guides aren't "Perfect".
     
    Last edited: Jul 10, 2017
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    You should hit enter there, which defaults to yes, and that's what the guide tells you. SSL is the default today and that's why the default is yes.

    You asked Tuumke, in opposite to the guide and recommended setup, how you can disable SSL and that's what he told you. So where is the guide wrong when you want to disable a recommended feature?

    I will check that regarding httpd-devel, but the setup worked here as it is described in the guide, so you may simply use a different base setup as I already outlined above.

    Btw. you are not even using the latest version of the tutorial. The current centOS 7 guide is this one: https://www.howtoforge.com/tutorial...php-pureftpd-postfix-dovecot-and-ispconfig/2/
     
  11. kyferez

    kyferez Member

    The responses made it seem like I was being told I did something wrong... That's why I called it out - for clarification.

    I'm using the CentOS 7.2 version of the guide because I'm using CentOS 7.2 Everything DVD ISO. Should I use the 7.3 guide with 7.2 installer?
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    When you use CentOS 7.2 and your server is not connected t the internet so it won't get any updates during installation, then this guide should be fine. But as soon as you install updates with yum and your server is connected to the internet, then you will get a newer CentOS version and in that case, use the latest guide.
     
  13. kyferez

    kyferez Member

    I did it one more time, following the steps in version 7.3 and it Actually worked. ISPConfig actually loaded this time for the first time. So the guide to use is definitely 7.3.

    I think the problem I may have been having in the 7.2 guide is this from Step 13 of the 7.3 guide as I remember seeing something about this error but it looked like the install completed Ok so I ignored it:
    Code:
    sed -e 's/(git describe --always)/(git describe --always 2>\/dev\/null)/g' -e 's/`git describe --always`/`git describe --always 2>\/dev\/null`/g' -i $( find . -type f -name Makefile\* -o -name version.sh )
     
    Last edited: Jul 12, 2017
  14. Tuumke

    Tuumke Active Member

    Nice that you solved the problem. Good job
     

Share This Page