The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Problem installing CRT...

Discussion in 'General Discussion' started by brianteeter, Apr 2, 2002.

  1. brianteeter

    brianteeter Well-Known Member

    Joined:
    Jan 6, 2002
    Messages:
    72
    Likes Received:
    0
    Trophy Points:
    6
    Here's what I get:

    Any thoughts? Nothing changes in httpd.conf, and no SSL requests are answered.

    Thanks - Brian


    Attempting to verify your certificate.....
    Cerificate appears to be intact
    /usr/share/ssl/certs/wesmarc.com.crt.test: OK

    Warning: DocumentRoot [/home/paraster/public_html/chinese] does not exist
    [Tue Apr 2 19:19:53 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    ...
    (a bunch more No VirtualHosts... gotta love that &feature& of WHM. :)
    ...
    Syntax OK
    The CRT for the domain wesmarc.com could not be installed.
    Apache produced the following errors:
     
  2. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    we'll need to see what's in your /usr/local/apache/logs/error_log upon apache restart to know what exactly it's failing on.........

    it should report a certificate mismatch to the private key or OpenSSL busted, or something along those lines.
     
  3. brianteeter

    brianteeter Well-Known Member

    Joined:
    Jan 6, 2002
    Messages:
    72
    Likes Received:
    0
    Trophy Points:
    6
    [quote:505cb7f9a0][i:505cb7f9a0]Originally posted by feanor[/i:505cb7f9a0]


    we'll need to see what's in your /usr/local/apache/logs/error_log upon apache restart to know what exactly it's failing on.........

    it should report a certificate mismatch to the private key or OpenSSL busted, or something along those lines.
    [/quote:505cb7f9a0]

    Wow, that was fast!

    Here goes, fresh from the error log:

    [Tue Apr 2 19:14:31 2002] [error] [client 138.88.1.201] File does not exist: /usr/local/cpanel/base/neomail/neo-images/neomail-bg.gif
    [Tue Apr 2 19:15:37 2002] [notice] caught SIGTERM, shutting down
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.160:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:41 2002] [warn] NameVirtualHost 216.12.211.202:80 has no VirtualHosts
    [Tue Apr 2 19:15:44 2002] [notice] Apache/1.3.23 (Unix) mod_bwlimited/1.0 mod_jk PHP/4.1.2 mod_log_bytes/0.3 FrontPage/5.0.2.2510 mod_ssl/2.8.7 OpenSSL/0.9.6 configured -- resuming normal operations
    [Tue Apr 2 19:15:44 2002] [notice] suEXEC mechanism enabled (wrapper: /usr/local/apache/bin/suexec)
    [Tue Apr 2 19:15:44 2002] [notice] Accept mutex: sysvsem (Default: sysvsem)
    [Tue Apr 2 19:15:56 2002] [error] [client 138.88.1.201] File does not exist: /usr/local/cpanel/base/neomail/neo-images/neomail-bg.gif
    [Tue Apr 2 19:16:11 2002] [error] [client 138.88.1.201] Invalid method in request L
    [Tue Apr 2 19:16:12 2002] [error] [client 138.88.1.201] Invalid method in request L


    The last two lines occur when I request the https://&IP Address& page on the server.

    Thanks - Brian
     
  4. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    run /scripts/initsslhttpd

    and then kill apache (killall -9 httpd)
    and

    /etc/rc.d/init.d/httpd startssl &
     
  5. brianteeter

    brianteeter Well-Known Member

    Joined:
    Jan 6, 2002
    Messages:
    72
    Likes Received:
    0
    Trophy Points:
    6
    [quote:93e524ddb5][i:93e524ddb5]Originally posted by feanor[/i:93e524ddb5]


    run /scripts/initsslhttpd

    [/quote:93e524ddb5]

    Done. No output produced. (Assuming this is correct operation...)


    [quote:93e524ddb5]

    and then kill apache (killall -9 httpd)
    and

    /etc/rc.d/init.d/httpd startssl &

    [/quote:93e524ddb5]

    Done. Produced the same output in the log as before. Reattempted to install the CRT, got the same message as before. Restarted apache, produced the same logs as before...

    No dice. Any other ideas?

    Thanks - Brian
     
  6. feanor

    feanor Well-Known Member

    Joined:
    Aug 13, 2001
    Messages:
    836
    Likes Received:
    0
    Trophy Points:
    16
    try using /scripts/installssl
    to install the certificate from the command line.

    I'm assuming the key you generated for the domain is still on the server, right? Did you use cpanel/whm to generate the key and CSR?
     
  7. brianteeter

    brianteeter Well-Known Member

    Joined:
    Jan 6, 2002
    Messages:
    72
    Likes Received:
    0
    Trophy Points:
    6
    OK. The command line created the following in httpd.conf:

    &IfDefine SSL&
    &VirtualHost 216.12.211.202:443&
    ServerAdmin webmaster@wesmarc.com
    DocumentRoot /home/wesmarc/public_html
    ServerName wesmarc.com

    CustomLog /usr/local/apache/domlogs/wesmarc.com-ssl_log &%t %{version}c %{cipher}c %{clientcert}c&

    SSLVerifyClient none
    SSLEnable

    SSLCertificateFile /usr/share/ssl/certs/wesmarc.com.crt
    SSLCertificateKeyFile /usr/share/ssl/private/wesmarc.com.key
    SSLLogFile /usr/local/apache/domlogs/wesmarc.com-ssl
    UserDir public_html

    ScriptAlias /cgi-bin/ /home/wesmarc/public_html/cgi-bin/
    &/VirtualHost&
    &/IfDefine&

    But, restarting Apache produces in the error_log:



    [Tue Apr 2 21:44:45 2002] [error] [client 207.243.118.1] File does not exist: /home/continen/public_html/
    holly_pong.gif
    [Tue Apr 2 21:44:45 2002] [error] [client 207.243.118.1] File does not exist: /home/continen/public_html/
    404.shtml
    [Tue Apr 2 21:45:32 2002] [error] [client 152.163.188.232] File does not exist: /home/dropndra/public_htm
    l/shows/shows_2k1/september_slam/P1060346.JPG
    [Tue Apr 2 21:45:32 2002] [error] [client 152.163.188.232] File does not exist: /home/dropndra/public_htm
    l/404.shtml
    [Tue Apr 2 21:45:49 2002] [error] [client 152.163.189.173] File does not exist: /home/dropndra/public_htm
    l/shows/shows_2k1/september_slam/P1060451.JPGhttp://
    [Tue Apr 2 21:45:49 2002] [error] [client 152.163.189.173] File does not exist: /home/dropndra/public_htm
    l/404.shtml
    [Tue Apr 2 21:45:53 2002] [notice] caught SIGTERM, shutting down
    [Tue Apr 2 21:45:55 2002] [error] mod_ssl: Init: Private key not found (OpenSSL library error follows)
    [Tue Apr 2 21:45:55 2002] [error] OpenSSL: error:0D084069:asn1 encoding routines:d2i_ASN1_SET:bad tag
    [Tue Apr 2 21:45:55 2002] [error] OpenSSL: error:0D09D082:asn1 encoding routines:d2i_RSAPrivateKey:parsin
    g
    [Tue Apr 2 21:45:55 2002] [error] OpenSSL: error:0D09B00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib


    Note that the files as referenced in the directives for the SSL commands exist, and are readible by nobody. (Verified on the command line, by su'ing to nobody and cating the files. )

    Any ideas?

    Thanks - Brian


    [quote:20f6cf4293][i:20f6cf4293]Originally posted by feanor[/i:20f6cf4293]


    try using /scripts/installssl
    to install the certificate from the command line.

    I'm assuming the key you generated for the domain is still on the server, right? Did you use cpanel/whm to generate the key and CSR?

    [/quote:20f6cf4293]
     
Loading...

Share This Page