View Full Version : SSL not working, DA wrong path
explosive
05-11-2011, 10:20 AM
Hi,
i have problems with standard install SSL certificates.
if user add his SSL then DirectAdmin in httpd.conf saves
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SSLCACertificateFile /usr/local/directadmin/data/users/USERNAME/domains/DOMAIN.com.cacert
but this NOT working ;(
i have must change this to
SSLCertificateFile /usr/local/directadmin/data/users/USERNAME/domains/DOMAIN.com.cacert
SSLCertificateKeyFile /usr/local/directadmin/data/users/USERNAME/domains/DOMAIN.com.key
SSLCACertificateFile /usr/local/directadmin/data/users/USERNAME/domains/DOMAIN.com.cacert
and now working, everything is ok.
question: HOW to fix DA to write good paths?
You need to move them off the shared ip and onto a private ip.
explosive
05-11-2011, 11:26 AM
of course user have own (dedicated) IP.
Peter Laws
05-12-2011, 05:34 PM
The templates should write to the user's httpd.conf correctly with the paths, eg.
SSLCertificateFile |CERT|
SSLCertificateKeyFile |KEY|
|CAROOT|
for virtual_host_secure.conf
Maybe your templates are messed up?
explosive
05-13-2011, 04:20 AM
No, i have
SSLEngine on
SSLCertificateFile |CERT|
SSLCertificateKeyFile |KEY|
|CAROOT|
so in variables CERT and KEY are wrong paths :/
zEitEr
05-13-2011, 05:20 AM
Will you post here results for:
cat /usr/local/directadmin/data/users/USERNAME/domains/DOMAIN.cust_httpd
cat /usr/local/directadmin/data/templates/custom/virtual_host2_secure.conf
?
Replace USERNAME and DOMAIN with real data.
explosive
05-13-2011, 06:29 AM
ad .1
I don't have *.cust_httpd in /users/!ANY_USER!/domain/
ad. 2
host2_secure.conf
SSLEngine on
SSLCertificateFile |CERT|
SSLCertificateKeyFile |KEY|
|CAROOT|
zEitEr
05-13-2011, 10:39 AM
Are these 4 lines from /usr/local/directadmin/data/templates/custom/virtual_host2_secure.conf only what you have there?
explosive
05-13-2011, 12:26 PM
no no, of course not ;) all file:
|?CGI=ScriptAlias /cgi-bin/ `HOME`/domains/`DOMAIN`/public_html/cgi-bin/|
|?DOCROOT=`HOME`/domains/`DOMAIN`/private_html|
|?OPEN_BASEDIR_PATH=`HOME`/:/tmp:/var/tmp:/usr/local/lib/php/|
<VirtualHost |IP|:443>
|CUSTOM|
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/svn$
RewriteRule .* /svn/ [R=301,L]
<Location /svn/>
DAV svn
SVNParentPath /home/|USER|/domains/|DOMAIN|/svn_repositories
SVNListParentPath on
AuthzSVNAccessFile /home/|USER|/domains/|DOMAIN|/svn_settings/authz
Satisfy Any
Require valid-user
AuthType Basic
AuthName "Subversion repository"
AuthUserFile /home/|USER|/svn_settings/passwd
</Location>
SSLEngine on
SSLCertificateFile |CERT|
SSLCertificateKeyFile |KEY|
|CAROOT|
ServerName www.|DOMAIN|
ServerAlias www.|DOMAIN| |DOMAIN| |SERVER_ALIASES|
ServerAdmin |ADMIN|
DocumentRoot |DOCROOT|
|CGI|
|USECANONICALNAME|
SuexecUserGroup |USER| |GROUP|
CustomLog /var/log/httpd/domains/|DOMAIN|.bytes bytes
CustomLog /var/log/httpd/domains/|DOMAIN|.log combined
ErrorLog /var/log/httpd/domains/|DOMAIN|.error.log
<Directory |DOCROOT|>
Options +Includes -Indexes
|*if CLI="1"|
php_admin_flag engine |PHP|
<IfModule !mod_php6.c>
php_admin_flag safe_mode |SAFE_MODE|
</IfModule>
php_admin_value sendmail_path '/usr/sbin/sendmail -t -i -f |USER|@|DOMAIN|'
|*endif|
|*if OPEN_BASEDIR="ON"|
php_admin_value open_basedir |OPEN_BASEDIR_PATH|
|*endif|
|*if SUPHP="1"|
suPHP_Engine |PHP|
suPHP_UserGroup |USER| |GROUP|
|*endif|
</Directory>
|HANDLERS|
|MIMETYPES|
</VirtualHost>
zEitEr
05-13-2011, 10:17 PM
OK, templates really looks fine. My guess was, that
SSLCertificateFile |CERT|
SSLCertificateKeyFile |KEY|
were anyhow redefined in templates or in cust_httpd.
Probably somebody else can help you, or you might need to ask official support from Directadmin staff.
Powered by vBulletin™ Version 4.0.4 Copyright © 2012 vBulletin Solutions, Inc. All rights reserved.