Author Topic: Unable to restart http service after SSL installation  (Read 9021 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Unable to restart http service after SSL installation
« on: December 22, 2015, 02:32:13 PM »
Hello All,

Im trying to set up SSL encryption on my website with CWP.
I bought a certificate (not a self-signed) and used the "clean way" of this "how to" : http://forum.centos-webpanel.com/ssl/how-to-install-multiple-ssl-certificates-on-shared-ip/

Everything goes well until i have to restart the service httpd, i get this error message :
"Could not determine... fully qualified domain name"

The website with vhost-ssl.conf empty works fine, after his creation i have the error message but te configuration is exactly the same than vhost.conf... so i suppose isn't a problem with the host or servername option in the configuration file...? if not both wouldn't work, right ?

There are some other check to troubleshoot this issue ?

thanks upfront,
N.B

Offline
**
Re: Unable to restart http service after SSL installation
« Reply #1 on: December 23, 2015, 07:49:49 AM »
Hi there

first i would make sure in http.conf that the hostname is correct (normally you can start http even if its wrong) then have a look in /usr/local/apache/logs/error_log see if theres anything of interest in there, then make sure that you have the following in the vhost config of the site.

Code: [Select]
# vhost_start reports.website.com
<VirtualHost 192.168.23.100:443>
 ServerName reports.website.com
 ServerAlias www.reports.website.com
 DocumentRoot /home/calltrac/public_html/web
 SSLEngine on
 SSLCertificateFile /etc/pki/tls/certs/reports.website.com.cert
 SSLCertificateKeyFile /etc/pki/tls/private/reports.website.com.key
 SSLCertificateChainFile /etc/pki/tls/certs/reports.website.com.bundle
<IfModule mod_suexec.c>
    SuexecUserGroup calltrac calltrac
</IfModule>

<IfModule mod_suphp.c>
    suPHP_UserGroup calltrac calltrac
    suPHP_ConfigPath /home/calltrac
</IfModule>

<Directory "/home/calltrac/public_html/web">
    AllowOverride All
</Directory>
</VirtualHost>
# host_end reports.website.com

please not i have changed my live ip address to a local one for this post do not change your ip address from what you have to the one in my example
« Last Edit: December 23, 2015, 07:52:10 AM by Glenn »

Offline
*
Re: Unable to restart http service after SSL installation
« Reply #2 on: December 23, 2015, 01:29:21 PM »
Hi,

thanks a lot for your answer.
indeed, i see several error on error_log :
RSA server certificate CommonName (CN) 'www.mydomain.net' does not match server name !?

But when i use the command "hostname" i get the right servername : www.mydomain.net

so, I need to recreate a private key and a CSR to reedit the certificate ?

best regards,
N.B

Offline
*
Re: Unable to restart http service after SSL installation
« Reply #3 on: January 02, 2016, 02:31:24 PM »
Hi,

thanks a lot for your answer.
indeed, i see several error on error_log :
RSA server certificate CommonName (CN) 'www.mydomain.net' does not match server name !?

But when i use the command "hostname" i get the right servername : www.mydomain.net

so, I need to recreate a private key and a CSR to reedit the certificate ?

best regards,
N.B

Hi NB,

I apologize for the late response but in your vhosts-ssl.conf where it says
Code: [Select]
<VirtualHost 192.168.23.100:443>
 ServerName reports.website.com
Could you ensure that ServerName doesn't have :443 after it for the domain in question?