SSL stopped working

Discussion in 'General' started by mrbronz, Mar 4, 2021.

Tags:
  1. mrbronz

    mrbronz Member HowtoForge Supporter

    Hi all

    I have just changed my public IP address, I have altered the IP address with my Domain registrar waited for the changes to propagate.
    The main domains are working fine but the ISP interface has stopped responding to HTTPS requests. It will respond to none secure HTTP.
    Do I have to do something else to get this to work?
     
  2. ahrasis

    ahrasis Well-Known Member

    Dig your ISPConfig interface fqdn. Has it been propagated to the right ip?
     
  3. mrbronz

    mrbronz Member HowtoForge Supporter

    Yes, it has been propagated to the correct address.
    I have several domains and they are all working fine, just not isp interface on port 8080

    I have recreated the FQDN for the interface and created the SSL and LESSL but still nothing
     
  4. ahrasis

    ahrasis Well-Known Member

    Clean browser caches or try from different browser or computer or gadjet just to be sure.
     
  5. mrbronz

    mrbronz Member HowtoForge Supporter

    Yes already tried that
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    The IP address is nowhere used in the host configuration of the ISPConfig vhost, so changing it has no influence on the availability of the ISPConfig interface. This means that you must have changed something beside the IP address that has caused this. So the question is, what else did you change?
     
  7. mrbronz

    mrbronz Member HowtoForge Supporter

    o_O Nothing... Apart from recreating the site that didn't work!

    I was hoping that recreating it would remove the old certs and create new ones, but I get the same error
     
  8. mrbronz

    mrbronz Member HowtoForge Supporter

    There is nothing critical on this server so if I have to delete sites or setting it's not a problem.

    I have just tried to create a test subdomain and it is not working. the SSL and LESSL are not being created
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    Are you talking about a website or about the ispconfig interface? in your first post, you mentioned the ISPConfig interface, wich is not related to sites in ISPConfig.
     
  10. mrbronz

    mrbronz Member HowtoForge Supporter

  11. mrbronz

    mrbronz Member HowtoForge Supporter

    Any Ideas?
     
  12. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    Your default website (eg. 000-default in Debian) might be interfering with your server fqdn vhost. What does 'apachectl -S' show?
     
  13. mrbronz

    mrbronz Member HowtoForge Supporter

    VirtualHost configuration:
    *:8081 VirtualHost configuration:
    *:8081 myserver.mydomain.com (/etc/apache2/sites-enabled/000-apps.vhost:9)
    *:8080 myserver.mydomain.com (/etc/apache2/sites-enabled/000-ispconfig.vhost:9)
    *:80 is a NameVirtualHost
    default server myserver.mydomain.com (/etc/apache2/sites-enabled/000-default.conf:1)
    port 80 namevhost myserver.mydomain.com (/etc/apache2/sites-enabled/000-default.conf:1)
    port 80 namevhost mydomain.com (/etc/apache2/sites-enabled/100-mydomain.com.vhost:7)
    alias www.mydomain.com
    port 80 namevhost anotherdomain.com.net (/etc/apache2/sites-enabled/100-anotherdomain.com.net.vhost:7)
    alias www.anotherdomain.com.net
    port 80 namevhost anotherdomain.com.org (/etc/apache2/sites-enabled/100-anotherdomain.com.org.vhost:7)
    alias www.anotherdomain.com.org
    port 80 namevhost myserver.mydomain.com (/etc/apache2/sites-enabled/100-myserver.mydomain.com.vhost:7)
    alias www.myserver.mydomain.com
    port 80 namevhost myuser.isp.com (/etc/apache2/sites-enabled/100-myuser.isp.com.vhost:7)
    alias www.myuser.isp.com
    port 80 namevhost yetanother.com (/etc/apache2/sites-enabled/100-yetanother.com.vhost:7)
    alias www.yetanother.com
    *:443 is a NameVirtualHost
    default server mydomain.com (/etc/apache2/sites-enabled/100-mydomain.com.vhost:195)
    port 443 namevhost mydomain.com (/etc/apache2/sites-enabled/100-mydomain.com.vhost:195)
    alias www.mydomain.com
    port 443 namevhost myserver.mydomain.com (/etc/apache2/sites-enabled/100-myserver.mydomain.com.vhost:195)
    alias www.myserver.mydomain.com
    port 443 namevhost yetanother.com (/etc/apache2/sites-enabled/100-yetanother.com.vhost:195)
    alias www.yetanother.com
    ServerRoot: "/etc/apache2"
    Main DocumentRoot: "/var/www/html"
    Main ErrorLog: "/var/log/apache2/error.log"
    Mutex authdigest-client: using_defaults
    Mutex fcgid-proctbl: using_defaults
    Mutex ssl-stapling: using_defaults
    Mutex proxy: using_defaults
    Mutex ssl-cache: using_defaults
    Mutex default: dir="/var/run/apache2/" mechanism=default
    Mutex mpm-accept: using_defaults
    Mutex fcgid-pipe: using_defaults
    Mutex authdigest-opaque: using_defaults
    Mutex watchdog-callback: using_defaults
    Mutex rewrite-map: using_defaults
    Mutex ssl-stapling-refresh: using_defaults
    PidFile: "/var/run/apache2/apache2.pid"
    Define: DUMP_VHOSTS
    Define: DUMP_RUN_CFG
    Define: MODPERL2
    Define: ENABLE_USR_LIB_CGI_BIN
    User: name="www-data" id=33
    Group: name="www-data" id=33
    .mydomain.com (/etc/apache2/sites-enabled/000-apps.vhost:9)
    *:8080 myserver.mydomain.com (/etc/apache2/sites-enabled/000-ispconfig.vhost:9)
    *:80 is a NameVirtualHost
    default server myserver.mydomain.com (/etc/apache2/sites-enabled/000-default.conf:1)
    port 80 namevhost myserver.mydomain.com (/etc/apache2/sites-enabled/000-default.conf:1)
    port 80 namevhost mydomain.com (/etc/apache2/sites-enabled/100-mydomain.com.vhost:7)
    alias www.mydomain.com
    port 80 namevhost anotherdomain.com.net (/etc/apache2/sites-enabled/100-anotherdomain.com.net.vhost:7)
    alias www.anotherdomain.com.net
    port 80 namevhost anotherdomain.com.org (/etc/apache2/sites-enabled/100-anotherdomain.com.org.vhost:7)
    alias www.anotherdomain.com.org
    port 80 namevhost myserver.mydomain.com (/etc/apache2/sites-enabled/100-myserver.mydomain.com.vhost:7)
    alias www.myserver.mydomain.com
    port 80 namevhost myuser.isp.com (/etc/apache2/sites-enabled/100-myuser.isp.com.vhost:7)
    alias www.myuser.isp.com
    port 80 namevhost yetanother.com (/etc/apache2/sites-enabled/100-yetanother.com.vhost:7)
    alias www.yetanother.com
    *:443 is a NameVirtualHost
    default server mydomain.com (/etc/apache2/sites-enabled/100-mydomain.com.vhost:195)
    port 443 namevhost mydomain.com (/etc/apache2/sites-enabled/100-mydomain.com.vhost:195)
    alias www.mydomain.com
    port 443 namevhost myserver.mydomain.com (/etc/apache2/sites-enabled/100-myserver.mydomain.com.vhost:195)
    alias www.myserver.mydomain.com
    port 443 namevhost yetanother.com (/etc/apache2/sites-enabled/100-yetanother.com.vhost:195)
    alias www.yetanother.com
    ServerRoot: "/etc/apache2"
    Main DocumentRoot: "/var/www/html"
    Main ErrorLog: "/var/log/apache2/error.log"
    Mutex authdigest-client: using_defaults
    Mutex fcgid-proctbl: using_defaults
    Mutex ssl-stapling: using_defaults
    Mutex proxy: using_defaults
    Mutex ssl-cache: using_defaults
    Mutex default: dir="/var/run/apache2/" mechanism=default
    Mutex mpm-accept: using_defaults
    Mutex fcgid-pipe: using_defaults
    Mutex authdigest-opaque: using_defaults
    Mutex watchdog-callback: using_defaults
    Mutex rewrite-map: using_defaults
    Mutex ssl-stapling-refresh: using_defaults
    PidFile: "/var/run/apache2/apache2.pid"
    Define: DUMP_VHOSTS
    Define: DUMP_RUN_CFG
    Define: MODPERL2
    Define: ENABLE_USR_LIB_CGI_BIN
    User: name="www-data" id=33
    Group: name="www-data" id=33
     
  14. Jesse Norell

    Jesse Norell ISPConfig Developer Staff Member ISPConfig Developer

    That's why your http://myserver.mydomain.com vhost doesn't work.

    ISPConfig should still work on port 8080, what behavior do you see? Errors? Does the web server record your requests? Is DNS pointing to the correct address? Maybe clear your browser cache.
     
  15. mrbronz

    mrbronz Member HowtoForge Supporter

    Last edited: Mar 4, 2021
  16. till

    till Super Moderator Staff Member ISPConfig Developer

    You'll probably have a DNS error then for the subdomain myserver.mydomain.com
     
  17. mrbronz

    mrbronz Member HowtoForge Supporter

    How would I know? I mean how do I test it and How do I resolve it
     
  18. till

    till Super Moderator Staff Member ISPConfig Developer

    You can e.g. ping the subdomain from your desktop and check if the IP that the ping command shows is the right one.
     
  19. mrbronz

    mrbronz Member HowtoForge Supporter

    myserver.mydomain.com is the only site it won't ping
     
  20. till

    till Super Moderator Staff Member ISPConfig Developer

    Then check your DNS settings, where you altered the IP address, to ensure that you did the changes correctly.
     

Share This Page