• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

SSL httpsd and plesk

A

agentgeek

Guest
Ok,

So I have combed the forum and found lots of things that don't work.

Here is my problem. I have setup my server and everything except SSL will work. The Plesk interface and webmin both work fine on their respective ports https:...:8443 and :10000. BUT any domain I add and check the box for ssl support does not work on https. I have tried everything I know(and I am definately not a linux newbie)-- I just can't get it to work.

If I do a ps -aux | grep httpsd I get multiple pids...normal since it is running for plesk, etc. If I do a netstat -l nothing is listening on :https(443). If I do a /etc/rc.d/init.d/psa restart, apache restarts fine with no errors. If I do an apachectl restart I get lots of errors complaining that all the IP addresses:443 do not have names, etc.

What gives?
I have been beating my head against the wall on this, spending a lot of time I really don't have, and not getting anywhere.

If you have any input on this...any at all, please please respond. I'll be checking this thread several times a day from work and home.

Thanks in advance

AgentGeek
 
From your reported error "all the IP addresses:443 do not have names", I would check the following.

In the /etc/httpd/conf/httpd.include file, check to make sure you have sections such as:

<VirtualHost ip.ad.dr.ess:443 >
ServerName default-ip-ad-dr-ess
UseCanonicalName Off
DocumentRoot /home/httpd/vhosts/default/httpsdocs
ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certXRFt57G
<Directory "/home/httpd/vhosts/default/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<Directory /home/httpd/vhosts/default/httpsdocs>
SSLRequireSSL
</Directory>
</VirtualHost>
for each of the IPs on the server. The 'ip.ad.dr.ess' would be replaced by your IP(s).
 
Originally posted by jamesyeeoc
From your reported error "all the IP addresses:443 do not have names", I would check the following.

Jamesyeeoc,

This is the section for that virtual host in the httpd.include file. It is as you stated it should be.

<VirtualHost myipaddress:443 >
ServerName default-myipaddress
UseCanonicalName Off
DocumentRoot /home/httpd/vhosts/default/httpsdocs
ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
SSLEngine on
SSLVerifyClient none
SSLCertificateFile /usr/local/psa/var/certificates/certXiyqddp
<Directory "/home/httpd/vhosts/default/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
<Directory /home/httpd/vhosts/default/httpsdocs>
SSLRequireSSL
</Directory>
</VirtualHost>

Also, here is the output from apachectl -t -D DUMP_VHOSTS

myipaddress:80 is a NameVirtualHost
default server mydomain.com (/home/httpd/vhosts/mydomain.com/conf/httpd.include:83)
port 80 namevhost mydomain.com (/home/httpd/vhosts/mydomain.com/conf/httpd.include:83)
port 80 namevhost forums.mydomain.com (/home/httpd/vhosts/mydomain.com/conf/httpd.include:146)
port 80 namevhost default (/etc/httpd/conf/httpd.include:63)
port 80 namevhost webmail (/etc/httpd/conf/httpd.include:271)
port 80 namevhost lists (/etc/httpd/conf/httpd.include:341)
myipaddress:443 is a NameVirtualHost
default server mydomain.com (/home/httpd/vhosts/mydomain.com/conf/httpd.include:12)
port 443 namevhost mydomain.com (/home/httpd/vhosts/mydomain.com/conf/httpd.include:12)
port 443 namevhost default-myipaddress(/etc/httpd/conf/httpd.include:202)
port 443 namevhost webmail (/etc/httpd/conf/httpd.include:304)
port 443 namevhost lists (/etc/httpd/conf/httpd.include:367)

where my actual domain name has been replaced with mydomain.com

Any other suggestions?

I can't seem to get apache to listen on :443
 
is something else listening on 443? The default behavior of apache on the rpm distros (redhat/fedora/suse/mandrake/centos) is to listen on 443. Try shutting httpd down and telneting to port 443.
 
Ok,

This has been figured out. The problem seems to be that the ssl.conf file was screwed up. Reinstalling (-Uvh) the mod_ssl rpm fixed it.


Peace on you all :)

:wq
 
Back
Top