This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

SSL as per Wiki not working on Ubuntu, my solution provided
#11
RE: SSL as per Wiki not working on Ubuntu, my solution provided
I had made a tutorial for Windows SSL that was tested (and I currently use it) but unfortunately i can't find it ATM. Should work just fine for *nix servers too by just altering the paths.

I actually just posted a brief version of it in these forums just the other night to help somebody else out.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE

Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Reply
Thanks given by:
#12
RE: SSL as per Wiki not working on Ubuntu, my solution provided
(12-07-2014, 07:39 AM)Me.B Wrote: In few lines the best solution is:

1. create a new conf file that contain your SSL host that will look like this

Quote:<virtualhost *:443>
ServerName ssl.domain.com
ServerAlias ssl.domain.com
ServerAdmin you@domain.com
DocumentRoot "/var/zpanel/hostdata/zadmin/public_html/ssl.domain.com"
php_admin_value open_basedir "/var/zpanel/hostdata/zadmin/public_html/ssl.domain.com:/var/zpanel/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
ErrorLog "/var/zpanel/logs/domains/zadmin/ssl.domain.com-error.log"
CustomLog "/var/zpanel/logs/domains/zadmin/ssl.domain.com-access.log" combined
CustomLog "/var/zpanel/logs/domains/zadmin/ssl.domain.com-bandwidth.log" common
<Directory />
Options FollowSymLinks Indexes
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 403 /_errorpages/403.html
ErrorDocument 510 /_errorpages/510.html
ErrorDocument 500 /_errorpages/500.html
ErrorDocument 404 /_errorpages/404.html
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
SSLEngine On
SSLCertificateFile /var/zpanel/logs/domains/zadmin/ssl/secure1.pem
SSLCertificateKeyFile /var/zpanel/logs/domains/zadmin/ssl/secure1.key
</virtualhost>

All zpanel path's should be replaced by sentora.

You will need first to create a normal ssl.domain.com ( sub domain) could a be domain so replace ssl.domain.com with the correct URL you will use.

Notice the path for the SSL certificates that you can change.

Once you create this config file as ssl.domain.com.conf place it in
/etc/zpanel/config/apache/ ( or /etc/sentora/ )

Then check your apache main config file & add include the new conf file you created.

Restart apache. If your SSL certficate is ok ( take care to remove the password or apache will request it after each restart), you should now have
http://ssl.domain.com working &
https://ssl.domain.com both pointing same root.

Then add a .htaccess to enforce https only if you need that or you can keep both working.

I think the old way in the wiki should not be used & hope in next release we auto generate the ssl host instead of having this manual setup. The wiki how to fail to explain the need for override. As once you enable ssl the default domain/subdomain with SSL will no longer work on HTTP & this is why you will be required to add a vhost port override to avoid nasty errors. My way will allow both SSL & non SSL working but require a lot more manual admin off panel.

This topic is FOR EXPERIENCED ADMIN.

M B

THank you very much this is the only way I get HTTPS working on my site but I get a 403 Error.
https://tilabmx.com/
I´ll appreciate your help with this.

This is my entire ssl Vhost conf file included in httpd.conf

PHP Code:
Listen 443

<VirtualHost *:443>
ServerName tilabmx.com
ServerAlias  www
.tilabmx.com
ServerAdmin hcmarcos
@tilabmx.com
DocumentRoot 
"/var/sentora/hostdata/zadmin/public_html/tilabmx_com"
php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/tilabmx_com:/var/sentora/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid$
SSLEngine on
SSLCertificateKeyFile /etc/apache2/ssl/tilabmx.com.key
SSLCertificateFile /etc/apache2/ssl/tilabmx_com.crt
SSLCertificateChainFile /etc/apache2/ssl/bundle.crt
SSLProtocol -All +TLSv1 +TLSv1.1 +TLSv1.2
SSLCipherSuite ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!A$
SSLHonorCipherOrder on
ErrorLog "
/var/sentora/logs/domains/zadmin/tilabmx.com-error.log"
CustomLog "
/var/sentora/logs/domains/zadmin/tilabmx.com-access.log" combined
CustomLog "
/var/sentora/logs/domains/zadmin/tilabmx.com-bandwidth.log" common
<Directory "
/var/sentora/hostdata/zadmin/public_html/tilabmx_com">
        Options FollowSymLinks Indexes
        AllowOverride All
        Order Allow,Deny
        Allow from all
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 500 /_errorpages/500.html
ErrorDocument 403 /_errorpages/403.html
ErrorDocument 404 /_errorpages/404.html
ErrorDocument 510 /_errorpages/510.html
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
</virtualHost> 
Reply
Thanks given by:
#13
RE: SSL as per Wiki not working on Ubuntu, my solution provided
When I use:
Code:
<Directory "/var/sentora/hostdata/zadmin/public_html/tilabmx_com">
    Options FollowSymLinks Indexes
    AllowOverride All
    Order Allow,Deny
    Allow from all
</Directory>
HTTPS works but with 403 error.
And when I use:
Code:
<Directory "/var/sentora/hostdata/zadmin/public_html/tilabmx_com">
Options +FollowSymLinks -Indexes
  AllowOverride All
  Require all granted
</Directory
Https redirects to http. Please help Huh Huh Huh
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
OS - Ubuntu 18.04 or Centos 8 Qrash 1 4 ,873 01-18-2021, 07:48 PM
Last Post: Jettaman
Ubuntu 18.04 vaxition 1 4 ,381 08-06-2020, 11:03 AM
Last Post: Jettaman
Php5.6 on ubuntu possible? lorenaustin 0 2 ,337 06-11-2020, 01:01 AM
Last Post: lorenaustin

Forum Jump:


Users browsing this thread: 1 Guest(s)