Current time: 01-25-2022, 08:16 AM Hello There, Guest! (LoginRegister)


Post Reply 
SSL and Normal login panel at the same time.
Author Message
Gleno0h Offline
Junior Member
*

Posts: 19
Joined: Nov 2009
Reputation: 0
Post: #1
SSL and Normal login panel at the same time.
This tutorial is bases on the "SSL made easy" tutorial.


First, install the dependencies:
Quote:apt-get install openssl

Generate the certificates:
$SERVER_NAME = your hostname
ex.
openssl genrsa -des3 -out $SERVER_NAME-pass.key 2048
becomes
openssl genrsa -des3 -out server1.example.com-pass.key 2048

Quote:cd /etc/ssl/certs
echo $SERVER_NAME
openssl genrsa -des3 -out $SERVER_NAME-pass.key 2048
openssl req -new -key $SERVER_NAME-pass.key -out $SERVER_NAME.csr
openssl rsa -in $SERVER_NAME-pass.key -out $SERVER_NAME.key
openssl x509 -req -days 365 -in $SERVER_NAME.csr -signkey $SERVER_NAME.key -out $SERVER_NAME.crt
chmod 444 *.crt
chmod 400 *.key
chmod 400 *.key didnt work on my linux debian but chmod 400 fullnameofthefile.key did work.

Enable SSL for apache and reload Apache2:
Quote:a2enmod ssl
/etc/init.d/apache2 reload

Nano (or your other favorite text-editor) the apache2 config file:
Quote:nano /etc/apache2/sites-available/00_master.conf

Copy everything between the Master begin comment and Master end comment and paste it below so you would have 2 virtual hosts in that file.

ex.
Quote:#
# Master Begin
#

<VirtualHost xxx.xxx.xxx.xxx:80>

and everything in between

</VirtualHost>

#
# Master End
#

#
# SSL Begin
#

<VirtualHost xxx.xxx.xxx.xxx:443>

and everything in between

</VirtualHost>

#
# SSL End
#
Please note, xxx.xxx.xxx.xxx is for illustration only.
Note2, The port and the SSL begin has to be 443 for SSL

Add this to "SSL begin" entry:

Quote:SSLEngine On
SSLCertificateFile /etc/ssl/certs/$SERVER_NAME.crt
SSLCertificateKeyFile /etc/ssl/certs/$SERVER_NAME.key
ServerAlias admin.$SERVER_NAME

So it looks like:
Quote:#
# SSL Begin
#

<VirtualHost 192.168.123.165:443>

ServerAdmin User@$SERVER_NAME
DocumentRoot /var/www/ispcp/gui
ServerName $SERVER_NAME
ServerAlias admin.$SERVER_NAME
SSLEngine On
SSLCertificateFile /etc/ssl/certs/$SERVER_NAME.crt
SSLCertificateKeyFile /etc/ssl/certs/$SERVER_NAME.key
ServerAlias admin.$SERVER_NAME


Alias /errors /var/www/ispcp/gui/errordocs/

ErrorDocument 401 /errors/401.html
ErrorDocument 403 /errors/403.html
Error...... ETC ETC ETC

Be sure to open port 443 and forward it.

Edit the default index.tpl file to enable the option for SSL with your favorite text-editor tool:
Quote:nano /var/www/ispcp/gui/themes/omega_original/index.tpl

Scroll down to the SSL section and uncomment it, then save the file as the same name; index.tpl

If you followed this correctly, you can now use the login panel with SSL and normal.

This is my first post and i hope this isnt a double post, i couldnt find anything on this.

Gleno0h.
*Credits to whoever made the SSL made easy tutorial;
SSL MADE EASY
11-17-2009 05:25 PM
Find all posts by this user Quote this message in a reply
sakal Offline
Junior Member
*

Posts: 42
Joined: Mar 2010
Reputation: 0
Post: #2
RE: SSL and Normal login panel at the same time.
Very good , thanks for this
04-06-2010 09:28 PM
Find all posts by this user Quote this message in a reply
rAdKy Offline
Junior Member
*

Posts: 18
Joined: Feb 2010
Reputation: 0
Post: #3
RE: SSL and Normal login panel at the same time.
Quote:Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator

In error logs is this:

[Mon May 03 16:30:40 2010] [warn] (104)Connection reset by peer: mod_fcgid: read data from fastcgi server error.
[Mon May 03 16:30:40 2010] [error] [client 77.85.168.6] Premature end of script headers: index.php
05-03-2010 11:32 PM
Find all posts by this user Quote this message in a reply
TheCry Away
Member
***

Posts: 851
Joined: Oct 2008
Reputation: 21
Post: #4
RE: SSL and Normal login panel at the same time.
(05-03-2010 11:32 PM)rAdKy Wrote:  
Quote:Internal Server Error

The server encountered an internal error or misconfiguration and was unable to complete your request.

Please contact the server administrator

In error logs is this:

[Mon May 03 16:30:40 2010] [warn] (104)Connection reset by peer: mod_fcgid: read data from fastcgi server error.
[Mon May 03 16:30:40 2010] [error] [client 77.85.168.6] Premature end of script headers: index.php
Which Version of ispCP you are using?
Check the owner and ownergroup of the script!
05-03-2010 11:58 PM
Find all posts by this user Quote this message in a reply
rAdKy Offline
Junior Member
*

Posts: 18
Joined: Feb 2010
Reputation: 0
Post: #5
RE: SSL and Normal login panel at the same time.
version is ispcp-omega-1.0.4
owner and ownergroup of the script are OK

this is my error when I try to open control panel ispcp ->> https://admin.domain.ltd
05-04-2010 12:04 AM
Find all posts by this user Quote this message in a reply
TheCry Away
Member
***

Posts: 851
Joined: Oct 2008
Reputation: 21
Post: #6
RE: SSL and Normal login panel at the same time.
Quote:https://admin.domain.ltd
How should i open this site?



Mhhh... Did you have a backup of the index.php and the index.tpl?
And use the Howto from the Wiki:
http://www.isp-control.net/documentation..._made_easy
or
http://www.isp-control.net/documentation...e_services

My favorite is the second one...
How are the owner and the ownergroup?
(This post was last modified: 05-04-2010 12:15 AM by TheCry.)
05-04-2010 12:14 AM
Find all posts by this user Quote this message in a reply
rAdKy Offline
Junior Member
*

Posts: 18
Joined: Feb 2010
Reputation: 0
Post: #7
RE: SSL and Normal login panel at the same time.
-r--r----- 1 vu2000 www-data 3823 2010-03-07 16:21 index.php

I use the second howto wiki step by step..

my 01_ssl_master.conf is:

Quote:<VirtualHost x.x.x.x:443>
#
# SSL Start
#
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/apache.key.pem
#
# SSL End
#

ServerAdmin admin@domain.ltd
DocumentRoot /var/www/ispcp/gui

ServerName admin.domain.ltd

ErrorLog /var/log/apache2/users/ssl.domain.ltd.info-error.log
TransferLog /var/log/apache2/users/ssl.domain.ltd.info-access.log
CustomLog /var/log/apache2/ssl.admin.domain.ltd-traf.log traff
CustomLog /var/log/apache2/ssl.admin.domain.ltd-combined.log combined
</VirtualHost>
(This post was last modified: 05-04-2010 12:27 AM by rAdKy.)
05-04-2010 12:26 AM
Find all posts by this user Quote this message in a reply
TheCry Away
Member
***

Posts: 851
Joined: Oct 2008
Reputation: 21
Post: #8
RE: SSL and Normal login panel at the same time.
My friend...
That's a poor config...
Make a copy of the 00_master.conf to 01_ssl_master.conf...
Then make the changes inside the 01_ssl_master.conf...
Code:
<VirtualHost x.x.x.x:443>
#
# SSL Start
#
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/apache.key.pem
#
# SSL End
#
And the rest ca be the same like in 00_master.conf...
In my opinion you should use other logfile names in the 01_ssl_master.conf


Edit:
I forgot... You need to enable this new configfile!
(This post was last modified: 05-04-2010 12:38 AM by TheCry.)
05-04-2010 12:35 AM
Find all posts by this user Quote this message in a reply
rAdKy Offline
Junior Member
*

Posts: 18
Joined: Feb 2010
Reputation: 0
Post: #9
RE: SSL and Normal login panel at the same time.
TheCry@ Thank you Smile It's ready Smile
05-04-2010 01:05 AM
Find all posts by this user Quote this message in a reply
aseques Offline
Member
*****
Dev Team

Posts: 330
Joined: May 2008
Reputation: 4
Post: #10
RE: SSL and Normal login panel at the same time.
Hello everyone,
I am the author or the ssl_made_easy, also the current mantainer of another tutorial:
http://www.isp-control.net/documentation...efaultport

(05-04-2010 12:35 AM)TheCry Wrote:  My friend...
That's a poor config...
Since this is based on what I did, I'll tell why it's done that way (in a single file). Basically the problem with separate files is that you cannot use wildcards.

The most interesting part of this configuration is the:
Code:
RewriteCond %{HTTP_HOST}   ^webmail\..* [NC]
    RewriteRule ^/(.*)         https://{BASE_SERVER_VHOST}/tools/webmail/ [R=301]
If you put that on 00_master_ssl.conf, it won't work, because the wildcards are only watched on the first file (it was a long time ago I did that, but it think it's still that way)

Finally, I'd recommend to use this setup:
http://www.isp-control.net/documentation...efaultport

It' allows you to have a ssl secured panel (the one at 8443) while having a ssl server in port 443 for the people that want https, but don't need a proper certificate+ip
05-04-2010 01:05 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)