Hi all, I am trying to install certificate to one of the domains under ISP Config. I followed the instructions from http://www.ispconfig.org/downloads/manual_en/manual_kunde_en_src.htm. However, when I go the the site to view the certificate, I get this error The CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certification Authorities store. Issued to: www.mydomain.com Issued by: www.mydomain.com Can anyone help? Thanks!
The certificate is working fine. Its just a self signed certificate which shows this warning message in the browser. If you need a signed certificate, you have to buy one e.g. from godaddy or instantssl.
Thanks for your response. I have purchased a signed cert from RapidSSL. I followed the instructions from the ISPConfig help. We pasted the cert text into the SSL Certificate text box, selected save certificate from the drop down box and then clicked save. When we navigate to the website, it still shows the self-signed cert. We have restarted the apache and the server to see if this would work, but to no avail. Any help will be much appreciated... Thanks
It might be nescessary that you install a ssl chain file for the certificates from this authority to work properly. Did they send you a ssl cahin file too together with the certificate file?
Yes, they sent us root certificate and SSL certificate. How do we install root certificate? Thanks a lot.
Copy the root certificate file to the ssl folder of the website. Then add the following line to the apache directives field: SSLCACertificateFile /home/www/www.yourdomain.tld/ssl/ca.txt and change the path so that it points to the root certificate.
Hello, I created the ca.txt file and pasted in the CA Cert text. Then edited the path for the apache directives. We cannot access any websites now. I checked and the httpd failed to start, I tried to start it manually to no avail. I'm restoring a backup of the server. Do you have any suggestions?
No need to restore a backup. Just edit the vhost_ispconfig.conf file nad comment out the line and restart apache. The look at the apache logs and ssl error log why apache afiled to start. I guess that either the path to the cert was wrong or the cert was corrupted or incompatible so that apache was not able to read the content