The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Apache error after install SSL Certificate

Discussion in 'EasyApache' started by Jeff75, Jan 7, 2005.

  1. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    16
    I'm trying to install an SSL cert that I purchased from GeoTrust for hostname.domain.com for a shared SSL certificate. When installing it through WHM I get the following error with Apache:

    When trying to pull up the URL in a browser https://hostname.domain.com/, this comes up:

    Can someone tell me how to figure out what the problem is so I can get this working?
     
    #1 Jeff75, Jan 7, 2005
    Last edited: Jan 8, 2005
  2. Stefaans

    Stefaans Well-Known Member

    Joined:
    Mar 5, 2002
    Messages:
    451
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Vancouver, Canada
    I had the same issue yesterday when trying to install a certificate. WHM said that Apache reported an error, but it did not display the actual error message. I then added the certificate manually by editing httpd.conf.

    The additional lines in your httpd.conf should look something like below. You should oviously replace the IP, domain name and username.

    Code:
    <IfDefine SSL> 
    <VirtualHost 12.34.56.78:443> 
    ServerAlias www.mydomain.com mydomain.com 
    ServerAdmin webmaster@mydomain.com 
    DocumentRoot /home/forum/public_html 
    BytesLog domlogs/mydomain.com-bytes_log 
    ServerName www.mydomain.com 
    <IfModule mod_userdir.c> 
    Userdir disabled 
    Userdir enabled myuser 
    </IfModule> 
    <IfModule mod_php4.c> 
    php_admin_value open_basedir "/home/forum:/usr/lib/php:/usr/local/lib/php:/tmp" 
    </IfModule> 
    User myuser 
    Group myuser 
    SSLEngine on 
    SSLCertificateFile /usr/share/ssl/certs/mydomain.com.crt 
    SSLCertificateKeyFile /usr/share/ssl/private/mydomain.com.key 
    CustomLog domlogs/mydomain.com combined 
    ScriptAlias /cgi-bin/ /home/theuser/public_html/cgi-bin/ 
    </VirtualHost> 
    </IfDefine>
    Hope this helps ;)
     
  3. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    16
    Thanks. That seems to have worked however it is for a shared SSL cert so all users on the server can use it. When I try going to one of my accounts like https://hostname.domain.com/~login/, I get this error:

    Warning: Unknown(): open_basedir restriction in effect. File(/usr/home/login/public_html/index.php) is not within the allowed path(s): (/home/hostname:/usr/lib/php:/usr/local/lib/php:/tmp) in Unknown on line 0

    Warning: Unknown(/usr/home/login/public_html/index.php): failed to open stream: Operation not permitted in Unknown on line 0

    Warning: Unknown(): open_basedir restriction in effect. File(/usr/home/login/public_html/index.php) is not within the allowed path(s): (/home/hostname:/usr/lib/php:/usr/local/lib/php:/tmp) in Unknown on line 0

    Warning: Unknown(/usr/home/login/public_html/index.php): failed to open stream: Operation not permitted in Unknown on line 0

    Warning: (null)(): Failed opening '/usr/home/login/public_html/index.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in Unknown on line 0

    Any idea how to keep this from happening without having to manually add each login name to the openbasedir setting in the httpd.conf for thsi virtualhost?

    Also, I have a a file for each SSL host in the apache conf directory. Each file is a copy of the entire httpd.conf instead of just having info for that particualar SSL host. DOes anybody else have these as well? This seems kind of redundant and inefficient since the file is soooo big.
     
  4. Stefaans

    Stefaans Well-Known Member

    Joined:
    Mar 5, 2002
    Messages:
    451
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Vancouver, Canada
    For the open_base error, it should be sufficient to exlude open_base protection for that one domain, hostname.domain.com. In WHM, Tweak Security, then Php open_basedir Tweak and check the domain in question. Works for me ;)

    I believe the additonal httpd.conf.install**** files you see in the httpd/conf directrory are backups that WHM makes when adding an SSL cert. If you are satisfied that the your httpd.conf works after installing the cert, you can safely delete the other files.
     
  5. Jeff75

    Jeff75 Well-Known Member

    Joined:
    Apr 11, 2003
    Messages:
    555
    Likes Received:
    0
    Trophy Points:
    16
    I don't have the main domain of the server listed in the php open_base page in WHM so I just added the lines to the httpd.conf but instead of having home/username I just have home. It seems like there is no other way around keeping those errors from coming up but the problem is I can echo files from other users' directories in the home directory which is very insecure.

    If you or anybody else knows of a solution to solve this problem, please reply.
     
Loading...

Share This Page