SSL on ISPConfig

Discussion in 'Installation/Configuration' started by marm26, Jan 1, 2009.

  1. marm26

    marm26 New Member

    Hello everybody.

    I just purchased an SSL certificate from godaddy.com. I followed the steps outlined here:

    http://www.howtoforge.com/forums/showthread.php?t=27606

    to install the certificate on my server. However I can't get this to work. When I enter https://www.mydomain.com the browser can't connect to my server. The exact error Firefox is giving me is:

    Failed to Connect
    Firefox can't establish a connection to the server at www.mydomain.com.

    Is this a problem with the SSL installation? It looks like a DNS related problem to me. How can I fix this?
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    1) Are you able to connect to www.mydomain.com without dns?
    2) Please post the output of the command:

    netstat -tap
     
  3. marm26

    marm26 New Member

    Hi Till.

    netstat -tap returns the following:

    Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
    tcp 0 0 *:npmp-gui *:* LISTEN 2125/rpc.statd
    tcp 0 0 *:mysql *:* LISTEN 2503/mysqld
    tcp 0 0 *:sunrpc *:* LISTEN 2076/portmap
    tcp 0 0 *:hosts2-ns *:* LISTEN 7110/ispconfig_http
    tcp 0 0 *:ftp *:* LISTEN 14289/proftpd: (acc
    tcp 0 0 BBB.BBB.BBB.BB:domain *:* LISTEN 9030/named
    tcp 0 0 AAA.AAA.AAA.AAA:domain *:* LISTEN 9030/named
    tcp 0 0 ess000665.localdomai:domain *:* LISTEN 9030/named
    tcp 0 0 ess000665.localdomain:ipp *:* LISTEN 2390/cupsd
    tcp 0 0 *:smtp *:* LISTEN 14354/master
    tcp 0 0 ess000665.localdomain:rndc *:* LISTEN 9030/named
    tcp 0 0 *:imaps *:* LISTEN 2532/dovecot
    tcp 0 0 *:pop3s *:* LISTEN 2532/dovecot
    tcp 0 0 *:pop3 *:* LISTEN 2532/dovecot
    tcp 0 0 *:imap *:* LISTEN 2532/dovecot
    tcp 0 0 *:http *:* LISTEN 7575/httpd
    tcp 0 0 *:ssh *:* LISTEN 2375/sshd
    tcp 0 0 localhost6.localdomain:rndc *:* LISTEN 9030/named
    tcp 0 1892 ::ffff:AAA.AAA.AAA.AAA:ssh p4FD5FB21.dip.t-:telefinder ESTABLISHED 18000/0


    What do you mean when you say: "can you connect to www.mydomain.com without dns?" I was talking about the DNS records for www.mydomain.com I have set up in ISPConfig. If I disable this, of course I won't be able to connect anymore??? However, I don't really know what I am doing here. Kind of new to Linux...

    Some more information: I am using CentOS 5.2 and I used the perfect server setup guide for CentOS from HowtoForge. From the beginning I could not get ISPConfig running on an SSL secured connection. So I reinstalled again and after it didn't work I went for the option without SSL, which is perfectly working now. I added suPHP to the initial setup.

    ISPConfig is running on IP AAA.AAA.AAA.AAA and the domain I installed the new GoDaddy SSL certificate for is running on a different IP (BBB.BBB.BBB.BB). When I type https://AAA.AAA.AAA.AAA:81 I get the following error: "SSL received a record that exceeded the maximum permissible length.(Error code: ssl_error_rx_record_too_long)".

    I tried to reinstall the certificate already but with no result at all.

    For the GoDaddy SSL I just get a "can't connect to my server" error. I can connect to http://www.mydomain.com but not to https://www.mydomain.com.

    Hope that helps. Actually I would like to have both SSL certificates working. I would have reinstalled but I tried that before without any success...
     
  4. marm26

    marm26 New Member

    OK, here is some follow-up info. It turns out mod_ssl wasn't properly installed. I guess that's a typical newbie mistake. I simply did yum install mod_ssl, then I restarted Apache and my GoDaddy certificates on my second IP are perfectly working now :)

    However I still have problems with the ISPConfig control panel. I did this:
    http://www.howtoforge.com/forums/showthread.php?t=121

    Restarted ISPConfig but I still get the same error message in Firefox:
    Secure Connection Failed
    An error occurred during a connection to XXX:XXX:XXX:XX:81.
    SSL received a record that exceeded the maximum permissible length.
    (Error code: ssl_error_rx_record_too_long)

    Not sure what's causing this. One thing that might be important to mention: my main IP has no domain attached to it. So I just inserted my IP for the common name when I requested the SSL certificate. I tried leaving all blank as well with no success.

    Not sure what else I could try. Any help with this would be greatly appreciated. Logging into my ISPConfig panel without SSL in place doesn't sound like a great idea to me...
     
    Last edited: Jan 4, 2009
  5. marm26

    marm26 New Member

    Now this is strange. I can now connect to the IP ISPConfig is set up on with:
    https://IP-here

    Everything seems to work. I get an Apache CentOS test page. Now this seems OK to me as it is already better than an SSL error. But shouldn't I be seeing the same page as with http://IP-here, which is the ISPConfig shared IP page?

    Anyway, if I try to connect to https://IP-here:81 I get the same error as before. (Same IP, just added :81 to get to the ISPConfig login.)

    ???

    Any suggestions?
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Please recreate the cert and accept all default values. It should work then.
     
  7. marm26

    marm26 New Member

    Thanks Falko.

    I recreated the certificate but I am still getting the same error message. Is there anything else I could try?
     
  8. falko

    falko Super Moderator Howtoforge Staff

    Did you choose HTTPS or HTTP during the ISPConfig installation?
     
  9. marm26

    marm26 New Member

    As stated above, I chose HTTP during the installation because I couldn't get HTTPS to work (mod_ssl wasn't properly installed). So I should change to HTTPS?

    OK, gonna try that and come back with the results in a few minutes. Up to now I thought choosing HTTP only means that ISPConfig goes to http://myIP:81 with default settings. I thought I could still manually insert the https://...

    I guess I was wrong. Thanks again for your help, Falko. Gonna get back to you with the results soon...
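
Added example, not part of the thread or of ISPConfig: a common cause of ssl_error_rx_record_too_long is a listener that answers a TLS ClientHello in plain HTTP, so the client reads the ASCII reply as a TLS record header and finds an oversized length field. The function names, the sample reply bytes and the "starts with `<`" heuristic are assumptions made for this sketch.

```python
import socket
import ssl
import struct

TLS_MAX_RECORD = 2**14 + 2048          # largest record length a TLS client accepts
TLS_CONTENT_TYPES = {20, 21, 22, 23}   # change_cipher_spec, alert, handshake, app data


def length_field(first_bytes: bytes) -> int:
    """Bytes 3-4 of the reply, which a TLS client reads as the record length."""
    return struct.unpack("!H", first_bytes[3:5])[0]


def classify_reply(first_bytes: bytes) -> str:
    """Classify what a listener sent back in answer to a TLS ClientHello."""
    if len(first_bytes) < 5:
        return "no-reply"
    ctype, major = first_bytes[0], first_bytes[1]
    if ctype in TLS_CONTENT_TYPES and major == 3 and length_field(first_bytes) <= TLS_MAX_RECORD:
        return "tls"
    # Assumption: a plaintext web server answers with a status line or an HTML page.
    if first_bytes.startswith(b"HTTP/") or first_bytes.startswith(b"<"):
        return "plaintext-http"
    return "unknown"


def client_hello() -> bytes:
    """Build a real ClientHello in memory, without touching the network."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE    # only the first reply bytes matter here
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    try:
        ctx.wrap_bio(incoming, outgoing).do_handshake()
    except ssl.SSLWantReadError:
        pass                           # expected: the hello is now queued in `outgoing`
    return outgoing.read()


def probe(host: str, port: int, timeout: float = 5.0) -> str:
    """Send a ClientHello to host:port and classify the first bytes of the answer."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            sock.sendall(client_hello())
            return classify_reply(sock.recv(16))
    except OSError:
        return "no-reply"


if __name__ == "__main__":
    sample = b"HTTP/1.1 400 Bad Request\r\n"   # constructed reply from a plain-HTTP port
    print(classify_reply(sample), length_field(sample), ">", TLS_MAX_RECORD)
```

Calling `probe()` with the panel's address and port 81 from a host that can reach it shows which protocol the listener speaks; `plaintext-http` means the port is not serving TLS, whichever certificate is installed.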
     
  10. marm26

    marm26 New Member
