[BlueOnyx:09905] Re: SSL Warning On 5106R

Chris Gebhardt - VIRTBIZ Internet cobaltfacts at virtbiz.com
Tue Mar 27 10:38:43 -05 2012 

Hi David,

SB9-PageKeeper Service wrote:
> I'm Aware that SSL must be on only 1 IP and not shared.
> That IP is being shared but no SSL is being used for it.
> netstat -an does not show that IP address state as LISTEN.

Is there actually a certificate that is installed for the site?

I have seen this behavior before where although SSL is enabled, a cert 
is not actually installed.  This can happen when you generate a new CSR 
without having the "self-signed" checked.

When you start SSL on a site, you need to generate a CSR (click "Create 
Signing Request") and ensure that you have "Generate Self-Signed 
Certificate" checked.   The reason for this is because BlueOnyx will 
generate a "placeholder" certificate to get the SSL service started on 
the site while you wait for the certificate to come back from your CA.

If you do NOT allow this placeholder self-signed cert, then sometimes 
what will happen is the service will just fail to start on the site.

In the event you have already submitted your CSR and received your 
"real" cert back already, then here is what I would suggest to "kick 
start" the SSL service:

 From CLI, as root go to /home/sites/www.domain.tld/ and execute the 
following commands to backup your cert directory:

# mkdir cert-bak
# cp certs/* cert-bak/

Now in the BX GUI, go to the SSL management for the site and click 
Create Signing Request") and ensure that you have "Generate Self-Signed 
Certificate" checked.   This is going to create a new CSR and overwrite 
what you had in the certs directory before.  In other words, if you 
already got a cert, this will invalidate it.  That's the reason for the 
backup above.  You can discard the CSR that is generated.

Now go back to the CLI and execute:
# rm -rf certs/*
# cp cert-bak/* certs/
# service httpd restart

See if that doesn't get things shaken out for you.

-- 
Chris Gebhardt
VIRTBIZ Internet Services
Access, Web Hosting, Colocation, Dedicated
www.virtbiz.com | toll-free (866) 4 VIRTBIZ

More information about the Blueonyx mailing list