Isponfig autorenew back to selfsigned

oliware · December 16, 2018, 9:39pm

No ssl config of the ispconfig panel itself.

Here is the vhost:

Listen 8080
NameVirtualHost *:8080

<VirtualHost _default_:8080>
  ServerAdmin webmaster@localhost

  <Directory /var/www/ispconfig/>
    <FilesMatch "\.ph(p3?|tml)$">
      SetHandler None
    </FilesMatch>
  </Directory>
  <Directory /usr/local/ispconfig/interface/web/>
    <FilesMatch "\.ph(p3?|tml)$">
      SetHandler None
    </FilesMatch>
  </Directory>

  <IfModule mod_fcgid.c>
    DocumentRoot /var/www/ispconfig/
    SuexecUserGroup ispconfig ispconfig
    <Directory /var/www/ispconfig/>
      Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
      AllowOverride AuthConfig Indexes Limit Options FileInfo
      <FilesMatch "\.php$">
        SetHandler fcgid-script
      </FilesMatch>
      FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php
            Require all granted
          </Directory>
    IPCCommTimeout  7200
    MaxRequestLen 15728640
  </IfModule>

  <IfModule mpm_itk_module>
    DocumentRoot /usr/local/ispconfig/interface/web/
    AssignUserId ispconfig ispconfig
    AddType application/x-httpd-php .php
    <Directory /usr/local/ispconfig/interface/web>
      # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp"
      Options +FollowSymLinks
      AllowOverride None
            Require all granted
            php_value magic_quotes_gpc        0
    </Directory>
  </IfModule>

  # ErrorLog /var/log/apache2/error.log
  # CustomLog /var/log/apache2/access.log combined
  ServerSignature Off

  <IfModule mod_security2.c>
    SecRuleEngine Off
  </IfModule>

  # SSL Configuration
  SSLEngine On
    SSLProtocol All -SSLv3
  #SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle

    SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
  SSLHonorCipherOrder On
    
  <IfModule mod_headers.c>
    Header always add Strict-Transport-Security "max-age=15768000"
	RequestHeader unset Proxy early
  </IfModule>

        SSLUseStapling On
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors Off
  ServerName nero.oliware.eu
  Include /etc/letsencrypt/options-ssl-apache.conf
SSLCertificateFile /etc/letsencrypt/live/nero.oliware.eu/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nero.oliware.eu/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/nero.oliware.eu/chain.pem
  </VirtualHost>

<IfModule mod_ssl.c>
  SSLStaplingCache shmcb:/var/run/ocsp(128000)
</IfModule>

<Directory /var/www/php-cgi-scripts>
  AllowOverride None
    Require all denied
  </Directory>

<Directory /var/www/php-fcgi-scripts>
  AllowOverride None
    Require all denied
  </Directory>

Topic		Replies	Views
Still self signed error in browser Help	15	4834	May 14, 2019
Deleting self-signed certificate to use a real certificate Help	12	2525	January 5, 2021
How to regenerate a Cert Server	25	9300	March 6, 2017
Where are all references to my domain name? Help	25	544	July 19, 2024
Ispconfig 3.2 self-signed certificate Help	10	7293	July 2, 2021

Isponfig autorenew back to selfsigned

Related topics