Page 1 of 2 12 LastLast
Results 1 to 15 of 26

Thread: ssl cert + 500 internal server error

  1. #1
    Registered Member
    Join Date
    Aug 2010
    Posts
    7

    Default ssl cert + 500 internal server error

    Hi Folks,

    Hopefully someone can help me with this one.

    I have an ssl cert installed and it works find in WHM, I also have a joomla site and WHMCS installed when i use https on those I get a 500 internal server error.

    output of log is:
    Code:
    SoftException in Application.cpp:422: Mismatch between target UID (99) and UID (503) of file "/home/adminroo/public_html/clients/cart.php", referer: http://lmas-networks.com/
    and

    Code:
    SoftException in Application.cpp:422: Mismatch between target UID (99) and UID (503) of file "/home/adminroo/public_html/index.php"
    UID 99 is nobody I think?

    If i stat a directory that contains files that give the 500 error I get:

    Code:
     File: `public_html'
      Size: 4096            Blocks: 8          IO Block: 4096   directory
    Device: 37h/55d Inode: 53739932    Links: 17
    Access: (0755/drwxr-xr-x)  Uid: (  503/adminroo)   Gid: (   99/  nobody)
    Access: 2010-08-08 04:10:10.000000000 +0100
    Modify: 2010-08-06 17:44:33.000000000 +0100
    Change: 2010-08-08 02:05:59.000000000 +0100
    and a file:


    Code:
      File: `index.php'
      Size: 2049            Blocks: 8          IO Block: 4096   regular file
    Device: 37h/55d Inode: 54595371    Links: 1
    Access: (0644/-rw-r--r--)  Uid: (  503/adminroo)   Gid: (  500/adminroo)
    Access: 2010-08-14 17:23:05.000000000 +0100
    Modify: 2010-07-18 04:01:24.000000000 +0100
    Change: 2010-08-08 02:06:07.000000000 +0100
    I have seen a few threds saying the cert may have been installed as the wrong user but im not sure how to check that and I am farly sure I installed it as adminroo.

    Any ideas?

  2. #2
    Registered Member Miraenda's Avatar
    Join Date
    Jul 2004
    Location
    Coralville, Iowa USA
    Posts
    243

    Default

    99 is the user nobody, so it has to be installed under the wrong user (nobody) if that is the error you are receiving.

    Go to /var/cpanel/userdata/nobody to see if the cert is there by domain.com_SSL (domain.com being your domain's name) name. If it is, then move it to /var/cpanel/userdata/user (where user is the cPanel username of the right user). Open up the domain.com_SSL file and change the following in that file:

    Code:
    documentroot: /home/user/public_html
    group: user
    homedir: /home/user
    user: user
    Replacing user with the username for each one. Of note, these are not the only lines in the file, they are just the lines you need to change in that file.

    If the account is a reseller and not owned by root, you will also need to change owner: root to owner: user.

    Please also check the ip: field has the right IP listed.

    After making all the changes, then run these commands to rebuild Apache with the new entries and get it restarted:

    Code:
    /scripts/rebuildhttpdconf
    /etc/init.d/httpd restart

  3. #3
    Registered Member
    Join Date
    Aug 2010
    Posts
    7

    Default

    Thank you so much Miraenda.

    This fixed the issue very helpfull indeed!

  4. #4
    Registered Member Miraenda's Avatar
    Join Date
    Jul 2004
    Location
    Coralville, Iowa USA
    Posts
    243

    Default

    I'm glad that worked, and you are very welcome.

  5. #5
    Registered User
    Join Date
    Aug 2010
    Posts
    1

    Default

    thank you Miraenda...this worked like a charm

  6. #6
    Registered User
    Join Date
    Sep 2010
    Posts
    4

    Default

    Thanks Miraenda! Worked like a charm!

  7. #7
    Registered Member
    Join Date
    Aug 2010
    Posts
    8

    Default

    Just so I'm clear, WHM forces you to install ssl certs as nobody as a security measure, which breaks ssl on that vhost, and the fix is to change everything back to user, thus circumventing the security?

    Pardon me for being picky, but is this the official method for installing ssl in a vhost?

  8. #8
    cPanel Staff cPanelJared's Avatar
    Join Date
    Feb 2010
    Location
    Houston, TX
    Posts
    1,801
    cPanel Access Level

    Root Administrator

    Default nobody is only for shared SSL

    An SSL certificate should only be installed on the nobody user if it is meant to be a shared certificate. Normally, an SSL certificate should be installed for the account user that owns the domain for which the certificate was generated.
    For hands-on assistance, please reference our new support information page: Where should I go for support?
    cPResources: Support Options - Submit a ticket here - Additional Support Options - Forums Search - Mailing Lists(Alt) - Documentation - Find cPanel hosting


    -- Jared Ryan, Technical Analyst, cPanel Technical Support

  9. #9
    Registered Member
    Join Date
    Jan 2010
    Location
    Orlando, FL
    Posts
    65
    cPanel Access Level

    DataCenter Provider

    Default Re: ssl cert + 500 internal server error

    Thanks Miranda. . .

    That worked. The interesting this is that WHM said I couldn't install it unless I installed it as the nobody user, but in SSH all I did was follow the steps you laid out, and it worked like a charm, but then I had the issue with a second site, and all I did the second time around was assign that user his own IP, and the problem was solved that way too. =0)
    Follow me on Twitter!

    - Eric Gillette

  10. #10
    cPanel Staff cPanelTristan's Avatar
    Join Date
    Oct 2010
    Location
    somewhere over the rainbow
    Posts
    7,611
    cPanel Access Level

    Root Administrator

    Default Re: ssl cert + 500 internal server error

    Correct, any SSL installed onto the main shared IP will only be installed as the user nobody via WHM, so if you are using that main shared IP for an account, you'd first have to install as nobody in WHM, then go into root SSH and do the steps I had noted (Miraenda user is my non-staff account).

    If you do not want to go through such a hassle, simply install a dedicated IP onto the account getting the SSL, then you can install the SSL using WHM onto the user's account rather than using the user nobody.
    cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
    -- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support

    Submit a ticket | Check an existing ticket

  11. #11
    Registered User
    Join Date
    Jun 2011
    Posts
    1

    Default Re: ssl cert + 500 internal server error

    What if i want to SSL a specific directory?

    For example my site has installed in the root

    so its: /https://www.domain.gr

    but i want the ssl to be used in /https://www.domain.gr/dir

  12. #12
    Registered Member
    Join Date
    Jan 2010
    Location
    Orlando, FL
    Posts
    65
    cPanel Access Level

    DataCenter Provider

    Default Re: ssl cert + 500 internal server error

    Quote Originally Posted by Stuff5 View Post
    What if i want to SSL a specific directory?

    For example my site has installed in the root

    so its: /https://www.domain.gr

    but i want the ssl to be used in /https://www.domain.gr/dir
    You would install the SSL certificate and then simply refer to the URL exactly the way you mentioned in your post.

    Securing a domain also secures its directories as well.

    So /https://www.domain.gr would be secure, just as https://www.domain.gr/<whatever_directory> would be.

    The only thing you can't do is secure a sub-domain in that fashion -- that would require a wildcard SSL certificate to secure *.domain.gr.

    But to answer your main question. . .it's just a matter of referring to the SSL secured domain within your HTML code.
    Follow me on Twitter!

    - Eric Gillette

  13. #13
    Registered User
    Join Date
    Dec 2011
    Posts
    3
    cPanel Access Level

    Root Administrator

    Default Re: ssl cert + 500 internal server error

    I've done the steps mentioned above, but when I try to rebuild httpd.conf I get this error:

    Code:
    Syntax error on line 266 of /usr/local/apache/conf/httpd.conf.1323104889:
    <VirtualHost> directive requires additional arguments
    When I remove the sub.domain.com_SSL file from /var/cpanel/userdata/user and try again, the rebuilding is fine. The account is owned by root and uses the shared ip from WHM and the certificate was installed in WHM.

    What am I missing?

    Best regards.

  14. #14
    cPanel Staff cPanelTristan's Avatar
    Join Date
    Oct 2010
    Location
    somewhere over the rainbow
    Posts
    7,611
    cPanel Access Level

    Root Administrator

    Default Re: ssl cert + 500 internal server error

    Please provide the information in that file:

    Code:
    cat /var/cpanel/userdata/user/sub.domain.com_SSL
    Something in the file is either missing or invalid.
    cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
    -- Tristan, Technical Analyst III, Forums Specialist, cPanel Tech Support

    Submit a ticket | Check an existing ticket

  15. #15
    Registered User
    Join Date
    Dec 2011
    Posts
    3
    cPanel Access Level

    Root Administrator

    Default Re: ssl cert + 500 internal server error

    I've substituted the username and domain with a generic one:
    Code:
    --- 
    documentroot: /home/user/public_html
    group: user
    hascgi: 1
    homedir: /home/user
    ip: 213.166.179.17
    owner: root
    phpopenbasedirprotect: ~
    port: 443
    serveradmin: webmaster@sub.domain.com
    serveralias: www.sub.domain.com
    servername: sub.domain.com
    ssl: 1
    sslcacertificatefile: /etc/ssl/certs/sub.domain.com.cabundle
    sslcertificatefile: /etc/ssl/certs/sub.domain.com.crt
    sslcertificatekeyfile: /etc/ssl/private/sub.domain.com.key
    usecanonicalname: 'Off'
    user: user
    userdirprotect: -1

Page 1 of 2 12 LastLast

Similar Threads

  1. 500 internal server error with SSL
    By aprillia99 in forum General Discussion
    Replies: 1
    Last Post: 12-26-2012, 07:32 AM
  2. internal server error 500 SSL certificate
    By jpmd26 in forum General Discussion
    Replies: 6
    Last Post: 04-03-2012, 12:51 PM
  3. suphp+ssl = 500 internal server error
    By backtogeek in forum General Discussion
    Replies: 9
    Last Post: 08-06-2010, 10:30 PM
  4. Replies: 0
    Last Post: 06-06-2010, 02:13 AM
  5. SSL problem - 500 Internal Server Error
    By alexp in forum General Discussion
    Replies: 1
    Last Post: 02-06-2005, 08:13 AM
bargain