Adding SSL - Still not Safe

[networe]

Hi,

I've problem to setup my SSL certificate to Directadmin. I am the owner of the dedicated server.

This is the URL : https://www.monhebergeur.com:2222/

I've made a "Create A Certificate Request", I saved the CERTIFICATE REQUEST and the RSA PRIVATE KEY.

I went to RapidSSL , I've added my CERTIFICATE REQUEST and registered my ssl to www.monhebergeur.com , so it now works for http and www.

When my website was now fully working with https://www.monhebergeur.com or https://monhebergeur.com , I went to https://www.monhebergeur.com:2222 and tried to install the certificate.

I've "Paste a pre-generated certificate and key" with first , the RSA PRIVATE KEY generated earlier and the "BEGIN CERTIFICATE" given my RapidSSL.

After I clicked on "Click Here to paste a CA Root Certificate" and i've copied my "INTERMEDIATE CA" given by RapidSSL. Everything was all right.

But, when I go back to https://www.monhebergeur.com:2222 , it still says the certificated hasn't been aprooved.

What I did wrong ? I fallowed the tutorial over here : http://www.site-helper.com/ssl.html

Thanks

 

[networe]

Ok, i've checked the details and seems monhebergeur.com:2222 'use' ks3098662.kimsufi.com , which is my dedicated server domain name ??

Is there a way to remove this ?

 

[networe]

Ok,

My host gave me a Directadmin license (OVH) which is registered with ks3098662.kimsufi.com, thats why the SSL isn't working.

Is there a way to fix this ?

Thank you

 

[Aaron_E]

http://www.directadmin.com/features.php?id=917 should be able to fix this i think

 

[networe]

Hi,

I've added this like : force_hostname=www.monhebergeur.com

But in the certificat information, it still says this domain is ks3098662.kimsufi.com

Any idea?

 

[networe]

When I save the RSA PRIVATE KEY + CERTIFICATE , I've this fallowing message


Certificate and Key Saved.

Details

NOTE: You are using the server IP, so your certificate and key have been saved to:
/etc/httpd/conf/ssl.crt/server.crt
/etc/httpd/conf/ssl.key/server.key

Is this normal ? I've something to do with that?

 

[networe]

Another update :

Here is my error_log

[Sun Jul 08 16:09:45 2012] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.heinformatique.com:443 (/usr/local/directadmin/data/users/networe/httpd.conf:48)
[Sun Jul 08 16:09:45 2012] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Sun Jul 08 16:09:46 2012] [notice] Apache/2.2.11 (Unix) mod_ssl/2.2.11 OpenSSL/0.9.8e-fips-rhel5 DAV/2 PHP/5.2.10 configured -- resuming normal operations
[Sun Jul 08 16:25:26 2012] [notice] caught SIGTERM, shutting down
[Sun Jul 08 16:25:28 2012] [warn] RSA server certificate CommonName (CN) `www.monhebergeur.com' does NOT match server name!?
[Sun Jul 08 16:25:28 2012] [warn] RSA server certificate CommonName (CN) `www.monhebergeur.com' does NOT match server name!?
[Sun Jul 08 16:25:28 2012] [warn] Init: SSL server IP/port conflict: www.monhebergeur.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:63) vs. www.heinformatique.com:443 (/usr/local/directadmin/data/users/networe/httpd.conf:48)
[Sun Jul 08 16:25:28 2012] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.heinformatique.com:443 (/usr/local/directadmin/data/users/networe/httpd.conf:48)
[Sun Jul 08 16:25:28 2012] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Sun Jul 08 16:25:28 2012] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Sun Jul 08 16:25:29 2012] [warn] RSA server certificate CommonName (CN) `www.monhebergeur.com' does NOT match server name!?
[Sun Jul 08 16:25:29 2012] [warn] RSA server certificate CommonName (CN) `www.monhebergeur.com' does NOT match server name!?
[Sun Jul 08 16:25:29 2012] [warn] Init: SSL server IP/port conflict: www.monhebergeur.com:443 (/usr/local/directadmin/data/users/admin/httpd.conf:63) vs. www.heinformatique.com:443 (/usr/local/directadmin/data/users/networe/httpd.conf:48)
[Sun Jul 08 16:25:29 2012] [warn] Init: SSL server IP/port conflict: localhost:443 (/etc/httpd/conf/extra/httpd-vhosts.conf:38) vs. www.heinformatique.com:443 (/usr/local/directadmin/data/users/networe/httpd.conf:48)
[Sun Jul 08 16:25:29 2012] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!

 

[networe]

Fixed :

I've edited directadmin.conf with :


cacert=/etc/httpd/conf/ssl.crt/server.crt
cakey=/etc/httpd/conf/ssl.key/server.key

I was still user the .pem ...

 

[nobaloney]

And to recap, for everyone:

DirectAdmin doesn't use apache and won't by default use Certificates installed through the control panel for Apache. You must turn on SSL in diretadmin.conf, as well as point to your Certificate locations. You might still need to reference the Root Certificate in directadmin.conf as well.

Jeff