Current time: 11-23-2024, 05:09 AM Hello There, Guest! (LoginRegister)


Post Reply 
Install SSL certificate to a customer domain
Author Message
Diego Offline
Junior Member
*

Posts: 30
Joined: Sep 2009
Reputation: 0
Post: #1
Install SSL certificate to a customer domain
How to enable that?

Using this guide doesn't helped much.
Thanks
(This post was last modified: 04-07-2010 01:41 PM by Diego.)
01-12-2010 08:54 AM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #2
RE: Install SSL certificate to a customer domain
Ispcp does not support SSL certificates as of now. Therefore, you have to manually setup it, which is described in many howtos. Keep in mind that when upgrading the panel, your modifications might have to be reapplied.

Basic schema of what to do:
1. Add Listen "YOUR.SRV.IP.ADDR:443" below wherever "Listen YOUR.SRV.IP.ADDR:80" is.
2. Copy the whole "<VirtualHost YOUR.SRV.IP.ADDR:80>...</VirtualHost>" corresponding to the website that you want to SSL-enable
3. Paste it into a new file "/etc/apache2/sites-available/ispcp-ssl"
4. Replace ":80" by ":443" in this new file
5. Add the required SSL directives, such as (these files should be provided by whoever sold you the certificate):
Code:
SSLEngine On
SSLCertificateFile /etc/ssl/certs/SERVER_NAME.crt
SSLCertificateKeyFile /etc/ssl/certs/SERVER_NAME.key
6. execute "a2ensite ispcp-ssl"
7. execute "a2enmod ssl"
8. Restart apache and enjoy your newly-enabled ssl site

Final note: keep in mind that you can only enable one SSL site per IP address, so do *not* copy the whole ispcp.conf and replace every :80 with :443 expecting that all the websites will be ssl-enabled, because it will *not* work.
01-12-2010 05:17 PM
Visit this user's website Find all posts by this user Quote this message in a reply
mwlake Offline
Junior Member
*

Posts: 18
Joined: Oct 2008
Reputation: 0
Post: #3
RE: Install SSL certificate to a customer domain
Kilburn,
I have made a request in the "Setup and Installations" forums section for this exact problem.
I need to install a Purchased CA Certificate to my Website. Could you write an instruction HOWTO for this procedure. The above reply implies there may be steps missing, "Basic schema of what to do". Your help would be greatly appreciated.
02-12-2010 06:19 PM
Visit this user's website Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #4
RE: Install SSL certificate to a customer domain
I said "basic schema" because it explains the basic steps of what you should do to install the certificate, but doesn't provide detailed copy/paste tested instructions. Have you tried to understand what these steps are doing? Have you checked them against other "how to setup ssl in apache" howtos? Is there any specific thing you don't understand?

It's not that difficult...
(This post was last modified: 02-12-2010 06:47 PM by kilburn.)
02-12-2010 06:42 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Diego Offline
Junior Member
*

Posts: 30
Joined: Sep 2009
Reputation: 0
Post: #5
RE: Install SSL certificate to a customer domain
Hello kilburn, sorry for bring this up again, it's just that I did everything you said, a thought it's not working as expected.
Here is my .conf file
Quote:NameVirtualHost 188.40.134.xxx:443

<VirtualHost 188.40.134.xxx:443>

# SSL Directives
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/example.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/example.com.key

<IfModule suexec_module>
SuexecUserGroup vu2000 vu2000
</IfModule>

ServerAdmin admin@example.com
DocumentRoot /var/www/virtual/example.com/htdocs

ServerName example.com
ServerAlias http://www.example.com example.com *.example.com

Alias /errors /var/www/virtual/example.com/errors/

RedirectMatch permanent ^/ftp([\/]?) http://admin.example.com/ftp/
RedirectMatch permanent ^/pma([\/]?) http://admin.example.com/pma/
RedirectMatch permanent ^/webmail([\/]?) http://admin.example.com/webmail/

ErrorDocument 401 /errors/401.html
ErrorDocument 403 /errors/403.html
ErrorDocument 404 /errors/404.html
ErrorDocument 500 /errors/500.html
ErrorDocument 503 /errors/503.html

<IfModule mod_cband.c>
CBandUser example.com
</IfModule>

# httpd awstats support BEGIN.

ProxyRequests Off

<Proxy *>
Order deny,allow
Allow from all
</Proxy>

ProxyPass /stats http://localhost/stats/example.com
ProxyPassReverse /stats http://localhost/stats/example.com

<Location /stats>
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^(.+)\?config=([^\?\&]+)(.*) $1\?config=example.com&$3 [NC,L]
</IfModule>
AuthType Basic
AuthName "Statistics for domain example.com"
AuthUserFile /var/www/virtual/example.com/.htpasswd
AuthGroupFile /var/www/virtual/example.com/.htgroup
Require group statistics
</Location>

# httpd awstats support END.

# httpd dmn entry cgi support BEGIN.
ScriptAlias /cgi-bin/ /var/www/virtual/example.com/cgi-bin/
<Directory /var/www/virtual/example.com/cgi-bin>
AllowOverride AuthConfig
#Options ExecCGI
Order allow,deny
Allow from all
</Directory>
# httpd dmn entry cgi support END.

<Directory /var/www/virtual/example.com/htdocs>
# httpd dmn entry PHP support BEGIN.
# httpd dmn entry PHP support END.
Options -Indexes Includes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
Allow from all
</Directory>

# httpd dmn entry PHP2 support BEGIN.
<IfModule mod_php5.c>
php_admin_value open_basedir "/var/www/virtual/example.com/:/var/www/virtual/example.com/phptmp/:/usr/share/php/"
php_admin_value upload_tmp_dir "/var/www/virtual/example.com/phptmp/"
php_admin_value session.save_path "/var/www/virtual/example.com/phptmp/"
php_admin_value sendmail_path '/usr/sbin/sendmail -f vu2001 -t -i'
</IfModule>
<IfModule mod_fastcgi.c>
ScriptAlias /php5/ /var/www/fcgi/example.com/
<Directory "/var/www/fcgi/example.com">
AllowOverride None
Options +ExecCGI -MultiViews -Indexes
Order allow,deny
Allow from all
</Directory>
</IfModule>
<IfModule mod_fcgid.c>
<Directory /var/www/virtual/example.com/htdocs>
FCGIWrapper /var/www/fcgi/example.com/php5-fcgi-starter .php
Options +ExecCGI
</Directory>
<Directory "/var/www/fcgi/example.com">
AllowOverride None
Options +ExecCGI MultiViews -Indexes
Order allow,deny
Allow from all
</Directory>
</IfModule>
# httpd dmn entry PHP2 support END.

Include /etc/apache2/ispcp/example.com.conf

</VirtualHost>

thanks for your time
(This post was last modified: 04-08-2010 10:08 AM by Diego.)
04-07-2010 03:09 PM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #6
RE: Install SSL certificate to a customer domain
... and /var/log/apache2/suexec.log says....? (the apache config is OK, so I bet it's a permission thing).
04-07-2010 03:44 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Diego Offline
Junior Member
*

Posts: 30
Joined: Sep 2009
Reputation: 0
Post: #7
RE: Install SSL certificate to a customer domain
changed
Quote:<IfModule suexec_module>
SuexecUserGroup vu2000 vu2000
</IfModule>

to
Quote:<IfModule suexec_module>
SuexecUserGroup vu2001 vu2001
</IfModule>

and worked like a charm Big Grin
Thanks!!
(This post was last modified: 04-08-2010 10:09 AM by Diego.)
04-08-2010 10:09 AM
Find all posts by this user Quote this message in a reply
Snooops Offline
Junior Member
*****
Dev Team

Posts: 89
Joined: Nov 2009
Reputation: 0
Post: #8
RE: Install SSL certificate to a customer domain
Hi,
is there a implementation now on the gui of ispcp? I really need a gui for it Wink
10-14-2010 06:00 PM
Find all posts by this user Quote this message in a reply
RouterRat Offline
Junior Member
*

Posts: 30
Joined: Mar 2011
Reputation: 0
Post: #9
RE: Install SSL certificate to a customer domain
So my virtual host, should have a unique IP address right?

Because it has a shared IP address right now and if I enable SSL on that ip, it would enable it for the control panel right?
08-28-2011 09:52 AM
Find all posts by this user Quote this message in a reply
kilburn Offline
Development Team
*****
Dev Team

Posts: 2,182
Joined: Feb 2007
Reputation: 34
Post: #10
RE: Install SSL certificate to a customer domain
You can enable SSL for a single website if you wish (it will *not* enable SSL for the panel, only for the website that you copy to this new ispcp-ssl file).

If you want SSL for both the panel and a website, then you need two different IPs.
08-30-2011 09:46 AM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)