I installed CentOS and ISPConfig 3 as the 'The Perfect Server - CentOS 5.3 x86_64 [ISPConfig 3]' instructions say. One of the domains hosted is an ecommerce and although we don't take credit card details I would still like it secure for user confidence. So I went to comodo and requested an IntantSSL certificate. I generated my CSR through ISPConfig and pasted it at comodo and got an Apache mod SSL certificate bundle. I pasted the certificate I got from comodo into ISPConfig and saved it. I then added the line ' SSLCertificateChainFile /var/www/clients/client1/web/ssl/www_savacomp_com.ca-bundle' to the Apache directives box within ISPConfig. I then restarted - /etc/init.d/httpd restart Now when I go to my website using hhtps rather than http I still have a certificate error with the certificate issued to localhost.localdomain. Does anybody know why that would happen as its driving me nuts!
Please post the exact error messages from the apache error log of the website and the sl error log. Also the chain file has not be inserted like you did it, there is a field for the chain file in ispconfig named SSL Bundle where you have to add the contents of the bundle certificate.
This is my ssl_error_log [Thu Dec 03 14:53:02 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Dec 03 14:53:02 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? [Thu Dec 03 15:08:05 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Dec 03 15:08:05 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? [Thu Dec 03 16:33:03 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Dec 03 16:33:03 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? [Thu Dec 03 16:33:27 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Dec 03 16:33:27 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? [Thu Dec 03 16:33:28 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Dec 03 16:33:28 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? [Thu Dec 03 16:33:52 2009] [error] [client 192.168.1.1] Directory index forbidden by Options directive: /var/www/html/
Error_log from /var/log/httpd [Thu Dec 03 14:52:53 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads. [Thu Dec 03 14:52:53 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations [Thu Dec 03 14:53:01 2009] [notice] SIGHUP received. Attempting to restart [Thu Dec 03 14:53:02 2009] [notice] Digest: generating secret for digest authentication ... [Thu Dec 03 14:53:02 2009] [notice] Digest: done PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0 PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0 [Thu Dec 03 14:53:02 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads. [Thu Dec 03 14:53:02 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations [Thu Dec 03 15:08:04 2009] [notice] SIGHUP received. Attempting to restart [Thu Dec 03 15:08:04 2009] [notice] Digest: generating secret for digest authentication ... [Thu Dec 03 15:08:04 2009] [notice] Digest: done PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0 PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0 [Thu Dec 03 15:08:05 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads. [Thu Dec 03 15:08:05 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations [Thu Dec 03 16:33:03 2009] [notice] SIGHUP received. Attempting to restart [Thu Dec 03 16:33:03 2009] [notice] Digest: generating secret for digest authentication ... [Thu Dec 03 16:33:03 2009] [notice] Digest: done PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0 PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0 [Thu Dec 03 16:33:03 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads. [Thu Dec 03 16:33:03 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations [Thu Dec 03 16:33:27 2009] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec) [Thu Dec 03 16:33:28 2009] [notice] Digest: generating secret for digest authentication ... [Thu Dec 03 16:33:28 2009] [notice] Digest: done PHP Warning: PHP Startup: mssql: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0 PHP Warning: PHP Startup: tidy: Unable to initialize module\nModule compiled with module API=20050922, debug=0, thread-safety=0\nPHP compiled with module API=20060613, debug=0, thread-safety=0\nThese options need to match\n in Unknown on line 0 [Thu Dec 03 16:33:28 2009] [notice] mod_python: Creating 4 session mutexes based on 256 max processes and 0 max threads. [Thu Dec 03 16:33:28 2009] [notice] Apache/2.2.3 (CentOS) configured -- resuming normal operations
Site error.log [Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] SecurityException in Application.cpp:496: Handler not found in configuration [Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] Caused by KeyNotFoundException in Configuration.cpp:234: Handler "x-httpd-php" not found [Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] Premature end of script headers: index.php [Thu Dec 03 18:35:05 2009] [error] [client 192.168.1.1] File does not exist: /var/www/error/500.html This error was generated when trying to access site with https:
I am going to regenerate another certificate and this time paste the contents of the bundle file into ispconfig.
yesterday I ordered a Comodo certificate. I use ISPConfig 2.2.35 I took SSL Request: ----XXXXXX Hav send it to the Certificate auth. This morning I received the certificate After installing my server would not start again What did I do wrong WKR, JL
I am having the same issue with CentOS 5.3 x64 and ISPConfig 3.0.1.6. I followed the directions and installed the certificate via ISPConfig as I should, but for some reason it is bringing up the local certificate when a user goes to a secure site on my domain. My logs look pretty much the same as above posted.
