Hello. I have a site where my customer needs one SSL certificate but it will not work. At starting i enabling the SSL on homepage => In SSL tab i writing the informations(Country, name osv,) and then i was finish writing i trying to create a certificate.. After what i send my CSR into godaddy, and i gets crt and bundlefile.. I copyed the data from current files into both information(ssl certificate and bundle) and then i got this error then i trying to view the site: ssl_error_rx_record_too_long Why? And thanks
Please try to remove the content from the bundle field, select save as action, wait 2 minutes and try to access the site again with your webbrowser. Does the error message change? If yoes, plaese post the instructions that godaddy provided on how to include the bundle cert, as they mkght be different from waht ispconfig uses to include the bundle.
Hmm, i have tried to remove the content in bundle, but the error code is the same,.. I have also tryed to restart apache but nothing changes(error code) Do you have any other options?
Theoretically yes, but it should have been written there already. I guess the problem might be related to a bug in ispconfig. Please post the output of "ls" from within the sl directory and also post the content of the vhost file of this website and the ISPConfig version that you use currently.
web1:/var/www/neohost.dk/ssl# ls gd_bundle.crt www..crt www..key.org www.neohost.dk.key neohost.dk.crt www..csr www.neohost.dk.crt www.neohost.dk.key.org neohost.dk.csr www..key www.neohost.dk.csr ----------------------------------------------------------------------- web1:/etc/apache2/sites-available# nano neohost.dk.vhost GNU nano 2.0.7 File: neohost.dk.vhost <Directory /var/www/clients/client0/web1/web> Options FollowSymLinks AllowOverride All Order allow,deny Allow from all </Directory> # mod_php enabled AddType application/x-httpd-php .php .php3 .php4 .php5 php_admin_value sendmail_path "/usr/sbin/sendmail -t -i [email protected]" php_admin_value upload_tmp_dir /var/www/clients/client0/web1/tmp php_admin_value session.save_path /var/www/clients/client0/web1/tmp php_admin_value open_basedir /var/www/clients/client0/web1/web:/var/www/clients/client0/web1/tmp:/var/www/neohost.dk/we$ RewriteEngine on RewriteCond %{HTTP_HOST} ^kontrolpanel.neohost.dk [NC] RewriteRule ^/(.*)$ http://mainweb.neohost.dk:81$1 # add support for apache mpm_itk <IfModule mpm_itk_module> AssignUserId web1 client0 </IfModule> </VirtualHost> ------------------------------------------------------------------------ Iam running the last version of ispconfig 3
I see that you've exactly the same problem as i had last week: The same error in your browser and the fact that the SSL-Engine is not turned on in the vhost of the site. Please don't switch on the SSL Engine manually and don'trestart Apache afterwards, otherwise Apache2 can't restart anymore and ISPConfig3 and your websites will be down! Probably there is something wrong with the SSL-certicate and/or the steps you took during the creation of the SSL-certicate. It might be a bug as well, because we are not the only ones who had these problems. Please, also don't click to fast in ISPConfig3 during turning on SSL and creating the certicates. Don't save your self created certicate yet. Only save the commercial certicate from your provider, which belongs to the CSR. You can also get that error in your browser if you don't upload all the additional certicates into the ssl folder of the web. You probably need to add additional "SSLCertificateChainFile" directives to pin the additional certicates. You can add these rules by using the options tab of the web. I am not sure if the my similar problems where caused by a corrupt SSL-certicate or because of a bug, because i took all the steps again with a new SSL-certicate.
Thanks for the reply and you too also Till, I have never saved the auto generated crt from ispconfig, i have changed it to my godaddy certificate... As i read your text i should do: Create certificate, give crt to godaddy, paste the certificate from godaddy into certificate and bundle should i not paste into the text field? After that i should(20 min) i should turn SSL on? // How can i in my vhost file do it so it will work manualy? Thanks alot for the reply both.
I guess your problem might be related to this bug: http://bugtracker.ispconfig.org/index.php?do=details&task_id=1179&tasks=&project=3&due=44&status[0]= I've attached a copy of the fixed apache plugin. Please unpack it from the zip file and then copy it to the directory /usr/local/ispconfig/server/plugins-available/ Then go into the ispconfig interface and select save as action for the ssl cert again and click on save.
Thanks Tiill, Its works but not allright... My certificate is issued to www. but vhost link was neohost but i have set www.neohost.dk on the certificate.. I changed the link into the vhost and restarted apache when allthing works out..
Iam trying again, sorry for a bad text.. The new plugin working, but with problems! I have created my certificate like "www.neohost.dk", but in the vhost file the the link was only "neohost.dk" without www... Maybe a bug? But my site is working fine now with https:// and thanks both!
Its not right, it was after i have updated the plugin.. Maybe you should check it again for a bug more.. ?
I Have one update to the problem.. My customer tryed to deactiveate the website and turning the site on again, and the problem is coming again... In vhost file before editing: SSLEngine on SSLCertificateFile /var/www/clients/client0/web1/ssl/neohost.dk.crt SSLCertificateKeyFile /var/www/clients/client0/web1/ssl/neohost.dk.key In vhost file after editing: SSLEngine on SSLCertificateFile /var/www/clients/client0/web1/ssl/www.neohost.dk.crt SSLCertificateKeyFile /var/www/clients/client0/web1/ssl/www.neohost.dk.key The site can not see "www." and then the problem with error comes again.. Just a notice
Hi Till, I had new and similar problems again during the installation of SSL-certicates, but i want you to know that your apache2-plugin works for me! Thanks for the solution.
