The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

another SSL CERT Problem :-(

Discussion in 'General Discussion' started by liquidcherry, Jul 5, 2004.

  1. liquidcherry

    liquidcherry Well-Known Member

    Joined:
    Jan 20, 2004
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    6
    hello all,

    i need some help with the install from a ssl cert what i received from instant ssl.
    I searched the whole forum but it looks to me that each install is different and can be followed by different problems :-(.

    Here is my situation:


    I have an own ip for it
    i made an a record in the DNS Zone of the FQDN for the members.domain.com(with the own IP,no shared ip )
    i made an subdomain members.domain.com and put in the folder members the stuff what i need secured
    This happend a long time ago so iam sure it propagated

    Now i installed the crt in WHM,installation was successfull and after i checked it the cert popup came with a question that the root is not trusted....(what is another problem ,i am waiting for an answer from the support)
    after i clicked on trust the damn thing it redirected me to the main page
    Now I followed the advice from chirpy(http://forums.cpanel.net/showthread.php?s=&threadid=26432) and changed manually the doc root
    After that when i go now to http://members.domain.com it comes the cpanel page"here is nothing configured"
    But now when i go to https://members.domain.com "the site cannot be found"
    I even started over, deinstalled the cert,deleted all related key and cert files,deleted the SSL host in WHM (what also erased the subdomain ) and installed the cert new...
    But same result,no https running.

    here are the ssl related parts from my httpd.conf:

    NameVirtualHost 11.222.333.55:80
    Alias /bandwidth/ /usr/local/bandmin/htdocs/
    NameVirtualHost 11.222.444.666:443 <------ (i added the port because apache was complaining)


    <VirtualHost 11.222.444.666:443>
    BytesLog domlogs/members.domain.com-bytes_log
    ServerName members.domain.com
    ServerAlias www.members.domain.com
    ServerAdmin wwwadmin@domain.com
    DocumentRoot /home/user_public_html/members<---- i changed this after chirpy's advice
    CustomLog domlogs/members.domain.com combined
    ScriptAlias /cgi-bin/ /home/user/public_html/members/cgi-bin/

    </VirtualHost>

    <IfDefine SSL>
    <VirtualHost 11.222.444.666:443>
    ServerAdmin webmaster@members.domain.com
    DocumentRoot /home/user_public_html/members<---- i changed this after chirpy's advice
    ServerName members.domain.com
    CustomLog /usr/local/apache/domlogs/members.domain.com-ssl_log "%t %{version}c %{cipher}c %{clientcert}c"
    <IfModule mod_php4.c>
    php_admin_value open_basedir "/home/user/:/usr/lib/php:/usr/local/lib/php:/tmp"
    </IfModule>
    SSLEnable
    SSLCertificateFile /usr/share/ssl/certs/members.domain.com.crt
    SSLCertificateKeyFile /usr/share/ssl/private/members.domain.com.key
    SSLLogFile /var/log/members.domain.com
    UserDir public_html/
    ScriptAlias /cgi-bin/ /home/user/public_html/cgi-bin/
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    </VirtualHost>
    </IfDefine>

    Do i missing something here or is it just me beeing braindead after all i tried? :)

    So,any ideas,help,advice,input will be highly appreciated


    Frank
     
    #1 liquidcherry, Jul 5, 2004
    Last edited: Jul 6, 2004
  2. albatroz

    albatroz Well-Known Member

    Joined:
    Mar 6, 2003
    Messages:
    258
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Virtual Orbis / Peru
    cPanel Access Level:
    Root Administrator
  3. liquidcherry

    liquidcherry Well-Known Member

    Joined:
    Jan 20, 2004
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    6
    thx....

    hi alba,
    thanks for the link....
    i am now in contact with their support in the moment and they will give me a new one :)
    And they also will take care of the other issues so i guess it will work soon



    bye

    Frank
     
  4. verticalhost

    verticalhost Active Member

    Joined:
    Apr 28, 2004
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Fort Walton Beach, FL
  5. liquidcherry

    liquidcherry Well-Known Member

    Joined:
    Jan 20, 2004
    Messages:
    63
    Likes Received:
    0
    Trophy Points:
    6
    thx...

    thank you David,

    looks interesting,i will go through when i have a little bit more time :)


    regards

    Frank
     
  6. maverick

    maverick Well-Known Member

    Joined:
    Jan 6, 2003
    Messages:
    68
    Likes Received:
    0
    Trophy Points:
    6
    I have just had this same problem too. We've installed dozens of Comodo certs through WHM in the past without any issue. I suspect that something has gone awry with the installer in the latest WHM update (I'm using WHM 9.4.0 cPanel 9.4.1-R55).

    It seems that it is missing out the critical line:
    SSLCACertificateFile /usr/share/ssl/certs/securedomainname.cabundle

    when it adds the entry into httpd.conf
    You can add it manually to solve the problem. Just searching Bugzilla and it appears that this issue has now been reported (bug #793), so hopefully it will be fixed soon!

    Mav.
     
    #6 maverick, Jul 7, 2004
    Last edited: Jul 7, 2004
  7. jasgot

    jasgot Well-Known Member

    Joined:
    Mar 2, 2004
    Messages:
    55
    Likes Received:
    1
    Trophy Points:
    6
    I am struggling with this also. Where do I add this line:
    SSLCACertificateFile /usr/share/ssl/certs/securedomainname.cabundle

    and is that the actual line, or does something change for each server or domain?
     
  8. icanectc

    icanectc Well-Known Member

    Joined:
    Mar 10, 2003
    Messages:
    344
    Likes Received:
    0
    Trophy Points:
    16
    Here is what you are gonna wanna do... Make sure it's a txt file not a cabundle file and put it in the CA directory of /usr/share/ssl/CA
    and look for the # sign below that's where you add the above coding. make sure you change both the file name and the path it's looking for the intermediate script at. and all should be good. Let me know if you still have problems.

    <IfDefine SSL>
    <VirtualHost 11.222.444.666:443>
    ServerAdmin webmaster@members.domain.com
    DocumentRoot /home/user_public_html/members<---- i changed this after chirpy's advice
    ServerName members.domain.com
    CustomLog /usr/local/apache/domlogs/members.domain.com-ssl_log "%t %{version}c %{cipher}c %{clientcert}c"
    <IfModule mod_php4.c>
    php_admin_value open_basedir "/home/user/:/usr/lib/php:/usr/local/lib/php:/tmp"
    </IfModule>
    SSLEnable
    SSLCertificateFile /usr/share/ssl/certs/members.domain.com.crt
    SSLCertificateKeyFile /usr/share/ssl/private/members.domain.com.key
    # ADD IT HERE
    SSLCACertificateFile /usr/share/ssl/CA/yourdomain.txt
    SSLLogFile /var/log/members.domain.com
    UserDir public_html/
    ScriptAlias /cgi-bin/ /home/user/public_html/cgi-bin/
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    </VirtualHost>
    </IfDefine>
     
  9. jasgot

    jasgot Well-Known Member

    Joined:
    Mar 2, 2004
    Messages:
    55
    Likes Received:
    1
    Trophy Points:
    6
    Got it working! seems as though I thought the root was the bundle. The bundle files actually this file: ComodoSecurityServicesCA.crt once I pasted this file into the third box, it all worked just fine!

    Thanks for all the help, it went a long way in understanding how this all works. Which led to the solution.
     
Loading...

Share This Page