The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSL Problem

Discussion in 'General Discussion' started by Omar, Sep 16, 2002.

  1. Omar

    Omar Well-Known Member

    Joined:
    Jul 30, 2002
    Messages:
    82
    Likes Received:
    0
    Trophy Points:
    6
    I am trying to install a server-signed cert for a customer's domain.

    I've gone through the WHM steps, and apache has been restarted correctly, but when I go to:

    https://domain.com/

    I get a &The page cannot be displayed& error in Internet Explorer.

    The httpd.conf doesn't seem to have any &sslenable& lines, so I'm not sure if WHM enabled SSL properly.

    I am a newbie when it comes to SSL, so I'm not sure if I'm doing something wrong.

    I'd appreciate any help in this matter.

    - Omar
     
  2. Annette

    Annette Well-Known Member
    PartnerNOC

    Joined:
    Aug 12, 2001
    Messages:
    445
    Likes Received:
    0
    Trophy Points:
    16
    Were there any errors when you installed the cert? It doesn't sound like it actually installed correctly at all. You might want to go through it again (maybe with NS or Mozilla) and watch the output of the install. I've seen one error consistently (look for depth:20) that seems to be safe to ignore, but anything else generated might be worth a closer examination. Of course, there's always the manual install, too, and if the attempt doesn't work the second time, might be the way you'll need to go.
     
  3. Omar

    Omar Well-Known Member

    Joined:
    Jul 30, 2002
    Messages:
    82
    Likes Received:
    0
    Trophy Points:
    6
    I managed to get another cert that looked to be installed correctly, with only the self-signed error coming up, but when WHM attempted to restart apache, it failed.

    I had to quickly replace httpd.conf with a backup.

    I noticed that this one had the httpd.conf lines though.

    One thing that I am curious about, it seemed as if WHM added a whole new virtual host entry for the domain I made the cert for, even when that domain was already on the server as an account. (made through WHM)

    Any ideas

    - Omar
     
  4. jsteel

    jsteel Well-Known Member

    Joined:
    Jul 4, 2002
    Messages:
    646
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Atlanta, GA
    It should create a new entry, but it should be wrapped in an &if ssl& statement.

    I've found a bug in applying InstantSSL certs, so you are trying to apply one of those, let me know and I can tell you how to do it manually.

    Jaz
     
  5. Annette

    Annette Well-Known Member
    PartnerNOC

    Joined:
    Aug 12, 2001
    Messages:
    445
    Likes Received:
    0
    Trophy Points:
    16
    Check the actual error that is being generated by tailing the error log when restarting apache after installing the cert. There should be a descriptive reason why apache is failing, which will help narrow things down. If removing the cert entries takes care of it, it's something within the cert install itself, but it should be possible to overcome this, even it it takes manual adjustment.

    It is normal to have a new virtual host entry for the domain, suffixed with :443 as an indication that it contains cert-specific information for that host.
     
  6. Omar

    Omar Well-Known Member

    Joined:
    Jul 30, 2002
    Messages:
    82
    Likes Received:
    0
    Trophy Points:
    6
    How do I tail the logfile?, I'm a bit of a newbie when it comes to checking logs in shell.

    Thanks

    - Omar
     
  7. bert

    bert Well-Known Member

    Joined:
    Aug 21, 2001
    Messages:
    602
    Likes Received:
    0
    Trophy Points:
    16
    just do:

    tail /usr/local/apache/logs/error_log

    or do:

    tail /var/log/messages

    Although the errors should appear on the apache error log, which is the first one above.
     
  8. moronhead

    moronhead Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    706
    Likes Received:
    0
    Trophy Points:
    16
    [quote:d3e38219cf][i:d3e38219cf]Originally posted by jsteel[/i:d3e38219cf]

    It should create a new entry, but it should be wrapped in an &if ssl& statement.

    I've found a bug in applying InstantSSL certs, so you are trying to apply one of those, let me know and I can tell you how to do it manually.

    Jaz[/quote:d3e38219cf]
    What's that bug you've found with instantSSL?
     
  9. Marty

    Marty Well-Known Member

    Joined:
    Oct 10, 2001
    Messages:
    630
    Likes Received:
    1
    Trophy Points:
    18
    when installing an instantssl cert, no

    SSLCACertificateFile /usr/share/ssl/certs/domain.com.cabundle

    line is added to the secure vhost entry in the httpd.conf file to point to he certificate cabundle that you paste into the WHM form.
     
Loading...

Share This Page