Forum

This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Sentora Support Forums Sentora Forum Archives Sentora Public Support Forums v1.0.x Community Guides & How-To's v1.0.x v [SPLIT] Secure Sentora Login with Let's Encrypt

[SPLIT] Secure Sentora Login with Let's Encrypt
worksmarter Offline
Support Staff
*****
OS: CentOS 7
Version: 1.0.3
Server: Home, Dedicated, Apache 2.4.6/PHP 5.6.33/MariaDB 5.5.52
Posts: 129
Threads: 21
Joined: Nov 2014
Reputation: 0
Sex: Male
Thanks: 40
Given 11 thank(s) in 9 post(s)
#32
RE: Secure Sentora Login with Let's Encrypt
 11-19-2016, 04:42 AM
This procedure breaks Apache 2.2 on Centos 6.8.

After I enter this:

Code:
SSLEngine on
SSLProtocol ALL -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCertificateFile /etc/letsencrypt/live/helium12.domain.com/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/helium12.domain.com/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/helium12.domain.com/chain.pem
# Keeping bellow for future upgrades.
# Requires Apache >= 2.4
#SSLCompression
off

As soon as I click on "Save" in Sentora Apache breaks with a reply to my submission of "REFUSED TO CONNECT"

Here is what Apache says when issuing a restart:

Code:
[root@helium12 letsencrypt]# service httpd restart
Stopping httpd:                                            [  OK  ]
Starting httpd: (98)Address already in use: make_sock: could not bind to address [::]:443
                                                          [FAILED]

Can anyone give me a hand with this? I have hours in this and cannot come to a stable fix (one that the daemon does not simply revert...)

BTW, I used the --debug flag also this time when creating the certificates.

Here is my output of "grep -ir "^listen" /etc/httpd/*" even with Apache not running.

Code:
/etc/httpd/conf.d/ssl.conf:Listen 443

Commenting out "Listen 443" in ssl.config just changes Apache's restart failure to "Failed" with no error dialogue. And renaming the file so it will not load at all does allow Apache to run, but I cannot reach the Sentora panel at all still.
Everyone makes mistakes, but to truly screw up it takes the root password!
Find
Reply
Thanks given by:


Messages In This Thread

Possibly Related Threads…
Thread Author Replies Views Last Post
Secure Sentora With SSLForFree Chris L 1 4 ,750 01-22-2020, 09:19 PM
Last Post: ralphharder
Fail2ban for Sentora (Centos 7) bbspike 14 45 ,221 01-14-2020, 07:32 AM
Last Post: Vedran B
Timeout for Sentora Admin Panel minufreelance 12 45 ,677 11-24-2018, 12:33 PM
Last Post: fearworks

Forum Jump:


Users browsing this thread: 1 Guest(s)