Problem for setup SSL

Discussion in 'Install/Configuration' started by superbarre.com, Jan 20, 2005.

  1. superbarre.com

    superbarre.com New Member

    Hello, just updated to RC5, very nice version. i love the VH template.

    I Wish it should be great that the program created home directory when we add a new user.

    Even better i wish, when it created the directory, that it lunch a script (we could give the path), then with this script we could create others services on the servers, the user, the pass, the mail, ftp...

    it would be great to have something like

    Before Creating Script : /give/a/path (with into parameters, info we gaved, virtual host name, domains, alias...)

    After Created Script : /give/another/path



    So i ve modified like i wanted the CentralConfigLog in VH templates, and add in my virtual host super-barre.com

    So for the SSL,

    i ve created a listeners called "Secure" with port 443, secure, and the same ip than i use on port 80 listener and virtual host mapping "Exemple" => super-barre.com

    Into the SSL tag

    Cert File $SERVER_ROOT/conf/new.cert.cert
    Key File $SERVER_ROOT/conf/new.cert.key

    I ve created the cert and the key.

    and selected ssl 2 and 3, and High medium Low.

    Then i apply changes with a lsws restart.

    But Secure Listeners do not lunch, and in my log i have

    2005-01-20 14:57:26.198 ERROR [config:server:listener:Secure] missing <address> in <listener>


    So i ve search a lot where i have miss an adress, but i don't find.


    Can you help me please ?


    Another things, How change the SSL defaut home directory ? And even if i can't change it, where i could find it ?
  2. mistwang

    mistwang LiteSpeed Staff

    Thank you for the suggestion, we probably will add script to create a user account, copy a template directory to new user's home directory, but you still need to take care of the rest yourself.
    Yes, we can add an option like what you suggested to execute a script.
    Have no plan for a full featured web hosting control panel yet, instead, we plan to improve LSWS' compatibility will Apache, and eventually make LSWS compatible with existing control panels. :)

    The SSL listener problem has been addressed, please download again.

    Thanks,
    George
  3. superbarre.com

    superbarre.com New Member

    Nice i will download it and test.

    The best of all it will be than lsws have an httpd.conf compatible configuration file, i mean...

    Keep your xml config, just in more, and lunch the lsws server, or reload, make a small program to convert a httpd.conf into your XML format, and it will be nice.

    Just type : /etc/init.d/ldws start => Conversion of httpd.conf into your XML => Start the lsws server.


    Hop :)

    Thanks you for your reactivity.
  4. superbarre.com

    superbarre.com New Member

    Just tested

    Hi,

    So ive installed the new version, SSL seem to lunch ok. and well listen on 443 port on my ips.


    its accept ssl, i ve the certificate, all is good

    BUT

    in Serveur status i have

    Default *:80 Running [Example] *
    [super-barre.com] super-barre.com *.super-barre.com superbarre.com super-barre.org super-barre.net

    Secure *:443 Running [Example] *




    super-barre.com is an virtual host than i ve created into the VH templates BEFORE setup the secure listener.

    And its looks ssl doesn't apply to this virtual host.


    So i ve deleted the virtualhost super-barre.com into the VH template system, and recreated it, but still look not to apply to my domain

    Default *:80 Running [Example] *
    [super-barre.com] super-barre.com *.super-barre.com superbarre.com super-barre.org super-barre.net

    Secure *:443 Running [Example] *






    ANOTHER THINGS


    in the VH Template System (tag general)

    we have

    Virtual Host Root => $SERVER_ROOT/$VH_NAME/
    Document Root => $VH_ROOT/html/


    But there is a way to add something like

    SSL Document Root => $VH_ROOT/secure/


    Because SSL point to same directory, and its HARD to differances the 2 ports.

    Others system does like that (Direct Admin for exemple redirect http => public_html and https => private_html)
  5. mistwang

    mistwang LiteSpeed Staff

    To archive what exactly you want, you should create a new template similiar to the existing one by pointing VHROOT to secure/, and assign SSL listener to the new template. Make sure not to let two templates point to the same template file, make a copy.

    As to the SSL binding issue, you probably did not add SSL listener to template listener binding list.
  6. superbarre.com

    superbarre.com New Member

    I cannot add it because the virtual host is into the centralConfigLog template, And when going to

    Listeners => Secure => Virtual Host Mapping => Add

    in Virtual Host i ve only "Exemple"
    then in Domains i ve put "*"


    When adding the super-barre.com host into the VH template system, it add mapping to the Default listeners but not to the secure liscener

    See my Server Status

    Listeners

    Name Address Status Virtual Host Mappings
    Default *:80 Running [Example] *
    [super-barre.com] super-barre.com *.super-barre.com superbarre.com super-barre.org super-barre.net

    Secure *:443 Running [Example] *
  7. mistwang

    mistwang LiteSpeed Staff

    There is a "Mapped Listeners" configuration in "Template Location" configuration.
  8. superbarre.com

    superbarre.com New Member

    Oh ok, its what i missed

    Thanks
  9. superbarre.com

    superbarre.com New Member

    So for dissociated the html home directory and the https home directory

    i ve copy

    $SERVER_ROOT/conf/templates/ccl.xml
    into
    $SERVER_ROOT/conf/templates/securetemplate.xml


    Then created a new template by the admin, Called it "SecureTemplate" which it use the template file
    $SERVER_ROOT/conf/templates/securetemplate.xml
    and mapped to the listeners : Secure
    and in General :

    Document Root $VH_ROOT/private_html/

    Then i ve add my host 'super-barre.com'

    Then restart server

    But in log i ve

    2005-01-21 17:48:07.556 INFO [config:template:SecureTemplate] Virtual host super-barre.com already exists, skip template configuration

    so it cannot exist 2 hosts with same name and has the name play in home directory

    $SERVER_ROOT/$VH_NAME/

    (and its impossible to modify with parametre, Vh_NAME must be here)



    So all i can have its

    Server_root/super-barre.com (http)
    Server_root/ssl-super-barre.com (https)

    But i should have

    Server_root/super-barre.com/html/
    Server_root/super-barre.com/private_html/



    But its not very problematic. i will just have 2 directory, i will make the symbolic links

    Server_root/super-barre.com/private_html > Server_root/ssl-super-barre.com


    Thanks for your help
  10. superbarre.com

    superbarre.com New Member

    Finally its works like i said,

    but very heavy to setup, its would be fine in future release to simply have 2 home variables, one for http, and one for ssl

    and we will can be dissociated it or lead them to same path
  11. superbarre.com

    superbarre.com New Member

    Another things,

    its would be nice to handle easyli under domain.

    for exemple when adding Member virtual Host,

    something like



    under domain 1 : admin => /admin
    under domain 2 : webmaster => /web
    under domain 3 : manuel => /man
    under domain 4 : * => /


    As when going to http://admin.yourdomain.com
    it will go into the VH_ROOT_PATH/admin

    Will be nice for handle this.
  12. mistwang

    mistwang LiteSpeed Staff

    In addition to your symbolic link work around, you can just set the virtual host root configuration under template member configuration to the target directory. :)

    We will consider your suggestion. Thanks!
  13. superbarre.com

    superbarre.com New Member

    Right, didn't thing of that.

    thanks again
  14. Da-Idiot

    Da-Idiot New Member

    From what I can understand in this post.

    Is it not possible to have secure site areas setup as

    non-secure = http://mydomain.com

    secure = https://mydomain.com

    I am under the impression that it must be setup as a subdomain of the sitesuch as

    non-secure = mydomain.com

    secure = secure.mydomian.com

    I have tried setting up another listener called SECURE but it did not want to load when i applied the changes. Secure listener said ERROR

    The settings for the listener where

    name = SECURE
    ip = ANY
    port = 443
    binding = tried yes and no.

    mapping. DEFAULT *

    I also setup my self signed certs for testing with the how to from openssl and it did not give me any error pointing to them in my servers conf directory.

    Can you please explain to me "Da-Idiot" How to setup ssl, Such as a step by step how to or something. It would propably really help others out to who are on my level.

    Thanx in advance for any help.
  15. mistwang

    mistwang LiteSpeed Staff

    Yes, it is possible, above post only indicate that you need to give different names for secure and non-secure virtual hosts, if they have different document root, listener to virtual host binding can be the same.

    Please post the error messages in your lsws/logs/error.log.

    Best Regards,
    George Wang
  16. Da-Idiot

    Da-Idiot New Member

    Here is my error log

    Also I have my server root serving files from my home/username/public_html/ directory. Is this a problem?

    2005-01-24 18:50:19.156 [NOTICE] Loading LiteSpeed/2.0RC6 Standard ...
    2005-01-24 18:50:19.259 [NOTICE] [ADMIN] server socket: 127.0.0.1:7237
    2005-01-24 18:50:19.259 [NOTICE] Loading configuration from /opt/lsws/conf/httpd_config.xml ...
    2005-01-24 18:50:19.260 [INFO] old priority: 0, new priority: 0
    2005-01-24 18:50:19.568 [ERROR] HttpListener::start(): Can't listen at address adminListener: Address already in use!
    2005-01-24 18:50:19.569 [ERROR] HttpServer::addListener(adminListener) failed to create new listener
    2005-01-24 18:50:19.569 [ERROR] [config:admin:listener:adminListener] failed to start listener on address *:7080!
    2005-01-24 18:50:19.569 [ERROR] [config:admin:listener] No listener is available for admin virtual host!
    2005-01-24 18:50:19.569 [ERROR] Fatal error in configuration, exit!
  17. mistwang

    mistwang LiteSpeed Staff

    Port 7080 is used by another application, you need to change admin port to something else. To find out which one is using 7080, try command "lsof | grep 7080" as root.

    If there are more errors in the error after this is fixed, please post those errors.

Share This Page