1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

hack httpd.include

Discussion in 'Plesk for Linux - 8.x and Older' started by altexis, Feb 12, 2005.

  1. altexis

    altexis Guest

    When I added a valid and authenticated certificate from GeoTrust, Plesk accepted it without any problems but it did not work. When I used two different browsers to get into an https:// page the certificate appears to be Plesk's... not the installed one.

    I made some research and found that in /home/httpd/vhosts/mydomain.com/conf/httpd.include the directive SSLCertificateFile pointed to a wrong certificate file. I know that I shouldn't touch this file but I did just to see if SSL would work as it should. The proper file existed in /usr/local/psa/var/certifiates/ directory and I changed it... and it worked. The next problem was this:

    RSA server certificate CommonName (CN) `mydomain.com' does NOT match server name!?

    (from the apache ssl error logs)

    Again, I modified httpd.include by setting the ServerName directive from mydomain.com:443 to www.mydomain.com:443 ... and then everyting worked smoothly.

    My questions are:
    1) How bad can it be to make manual changes to httpd.include? (I did some efforts with adding a vhost.include and vhost_ssl.include with no luck)

    2) Is this a known bug? Or did I do something wrong? Or is there a hidden place in the control panel to make the proper settings in Plesk?
  2. Whistler

    Whistler Guest

    Your httpd.include will eventually be overwritten by Plesk. Every time you change a webserver setting, Plesk will write a new httpd.include file, so that's not the way!

    It might be a known problem - with wrong file permissions, I worte about it last year in oktober/november I think. Link: http://forum.sw-soft.com/showthread.php?s=&threadid=18630&highlight=ssl+geert

    But it might also be because you haven't set the correct certificate to the shared IP or some other wrong settings.

    Can you post the URL that dosen't work?
  3. altexis

    altexis Guest

    great... that solved it

    I had to remove the certificate from the domain control panel, and re-add it from the server certificates, then engage it from the server IP pool. ... Plesk did not only copy the M$ looks.. they copied the M$ essence as well.

    Thanks for your help Whistler... but now I am still missing the CA Certificate. The certificate is a QuickSSL from GeoTrust. I uploaded all the root certificates from GeoTrust but none works because 'The CA authority does not recognize that certificate' (or something like that) ... Is there any trick to upload the CA Certificate?
  4. altexis

    altexis Guest

  5. Whistler

    Whistler Guest

    The current certificate on https://www.creativepluse.biz - seems to be a server selfsigned certificate?

    And the CA Certificate should (if I remember correct) only be submitted if you uses some root authority that's not included in most browsers (and GeoTrust root certificate is in almost any browser).
  6. altexis

    altexis Guest

    When I wrote my first post it appeared to be a self-signed certificate. After your help I reinstalled the certificate but there was still a problem. Now I re-issued the certificate and everything works smoothly.

    Thank you for your help Whistler