SSL Problems

[Foxleyweb]

Hi all,

I've got a major problem with an SSL certificate under DA. I have a client with a domain attached to a seperate IP address. I got the certificate issued tonight, installed it with no problems and the domain is definitely resolving to the correct IP.

When browsing the site a certificate error is displayed, it is using my own certificate from my main site, and not the new one I have just installed.

I am really desperate to get this fixed and it is apparently a problem with my DA and not the certificate. I have had the installation looked at and all appears to be ok in the config files etc.

Any ideas?

Cheers,
Bret

 

[Foxleyweb]

All sorted for anyone else who struggles with this.

1. Turned off SSL on the domain.
2. Turned on SSL on the domain.
3. Re-installed Certificate.
4. Re-installed CA Bundle (Comodo issued cert.)
5. Restarted httpd.
6. All working!

 

[nobaloney]

Generally the problem is that DirectAdmin hasn't properly stopped/restarted apache, so that's always the first place to check.

It's not always easy to figure out which of those Comodo issued files is the right one to add. Did you install the right one the first time?

Jeff

 

[hostserver]

ssl error

I have one server with seem problem.

I restart apache i put on of ssl nothing always i have the old certificated .

How i change this . Any idea more: cool:

THIS YOU TALL
All sorted for anyone else who struggles with this.

1. Turned off SSL on the domain.
2. Turned on SSL on the domain.
3. Re-installed Certificate.
4. Re-installed CA Bundle (Comodo issued cert.)
5. Restarted httpd.
6. All NO WORKING IS ALWAIS THE OLD CERTIFICATED

 

[creativefuel]

Similar Troubles

All sorted for anyone else who struggles with this.

1. Turned off SSL on the domain.
2. Turned on SSL on the domain.
3. Re-installed Certificate.
4. Re-installed CA Bundle (Comodo issued cert.)
5. Restarted httpd.
6. All working!

I'm having similar troubles, as well. I've followed these instructions. The CA bundle is the one named essential.ca-bundle that I downloaded from Comodo's website. I restarted httpd via the service monitor in DirectAdmin, and I'm still getting the Snake Oil certificate. What should be my next plan of attack?

I do have root access, but was hoping I could do what I need to do via the warm, inviting GUI.

 

[hostserver]

Ssl Error

I make everithing but always i have the old certificated any parson have any idea how delete old and starting whith out problem
Thanks

 

[nobaloney]

If you're still having problems with Comodo Certificates you should use shell access and look in your /usr/local/directadmin/data/users/USERNAME/domains/ directory, specifically at the .cert and .key files (and the file holding the caroot; I'm not sure of the name) to make sure they have the right contents.

If everything looks right there then you should look at the /usr/local/directadmin/data/users/USERNAME/httpd.conf file to see where it expects to find the cert, key, etc.

Of course try rebooting httpd first, as that might fix the problem.

Jeff

 

[creativefuel]

If you're still having problems with Comodo Certificates you should use shell access and look in your /usr/local/directadmin/data/users/USERNAME/domains/ directory, specifically at the .cert and .key files (and the file holding the caroot; I'm not sure of the name) to make sure they have the right contents.

If everything looks right there then you should look at the /usr/local/directadmin/data/users/USERNAME/httpd.conf file to see where it expects to find the cert, key, etc.

Of course try rebooting httpd first, as that might fix the problem.

Jeff

Alrighty, I think we're on to something. The .cert, .key and .cacert look okay. My untrained eye doesn't see anything in /usr/local/directadmin/data/users/USERNAME/httpd.conf that refers to the cert, key, etc. Any example of what that might look like?

Thanks for the help!

 

[creativefuel]

Looks like I got it figured out. There were two problems:

1. The httpd.conf file for this particular account was owned by root. I had to do a chown to assign it the right user and group and now everything seems to be working on my end.

chown diradmin:diradmin httpd.conf

2. The box labeled "Secure SSL" under Domain Setup was unchecked and had to be turned on.