If you receive the following error when browsing to a SSL+sharedIP+suPHP site, then these directions are for you:
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request. Please contact the server administrator, webmaster@training.nts.wustl.edu and inform them of the time the error occurred, and anything you might have done that may have caused the error. More information about this error may be available in the server error log. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.17 (Unix) mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 mod_bwlimited/1.4 Server at training.nts.wustl.edu Port 443
The following errors will show up in the log file:
root@prism [/usr/local/apache/logs]# cat /usr/local/apache/logs/suphp_log | grep Mismatch [Fri May 13 14:11:29 2011] [warn] Mismatch between target UID (99) and UID (1006) of file "/home/training/public_html/test.php" [Fri May 13 14:11:35 2011] [warn] Mismatch between target UID (99) and UID (1006) of file "/home/training/public_html/test.php" [Mon May 16 08:27:48 2011] [warn] Mismatch between target UID (99) and UID (1006) of file "/home/training/public_html/test.php"
Original Files: ============================= root@prism [/var/cpanel/userdata]# cat /var/cpanel/userdata/nobody/main --- addon_domains: {} main_domain: prism.nts.wustl.edu parked_domains: [] sub_domains: - training.nts.wustl.edu root@prism [/var/cpanel/userdata]# cat /var/cpanel/userdata/nobody/training.nts.wustl.edu_SSL --- documentroot: /home/training/public_html group: nobody hascgi: 1 homedir: /usr/local/apache/htdocs ip: 128.252.69.1 owner: root phpopenbasedirprotect: 1 port: 443 serveradmin: webmaster@training.nts.wustl.edu serveralias: www.training.nts.wustl.edu servername: training.nts.wustl.edu ssl: 1 sslcacertificatefile: /etc/ssl/certs/training.nts.wustl.edu.cabundle sslcertificatefile: /etc/ssl/certs/training.nts.wustl.edu.crt sslcertificatekeyfile: /etc/ssl/private/training.nts.wustl.edu.key usecanonicalname: 'Off' user: nobody userdirprotect: -1 The above files generated the following snippet from /usr/local/apache/conf/httpd.conf:ServerName training.nts.wustl.edu ServerAlias www.training.nts.wustl.edu DocumentRoot /home/training/public_html ServerAdmin webmaster@training.nts.wustl.edu UseCanonicalName Off CustomLog /usr/local/apache/domlogs/training.nts.wustl.edu combined CustomLog /usr/local/apache/domlogs/training.nts.wustl.edu-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User nobody # Needed for Cpanel::ApacheConf Following These Directions: ==================================== * Manually adjust the files in /var/cpanel/userdata * moving the SSL host file from the "nobody" user folder to the actual/original user (training), * edit the file to change the user and group names, * edit the "main" file to remove that domain from the nobody user. * Remove the cache files for any files you've moved or changed, * Run /scripts/updateuserdomains and then /scripts/rebuildhttpdconf * This should results in the suPHP_UserGroup being the "training" instead of nobody in httpd.conf. At this point you can restart apache to make sure everything works as expected still. Detailed Commands run: =================================== root@prism [/var/cpanel/userdata/nobody]# mv training.nts.wustl.edu_SSL ../training/ root@prism [/var/cpanel/userdata/nobody]# rm training.nts.wustl.edu_SSL.cache rm: remove regular file `training.nts.wustl.edu_SSL.cache'? y root@prism [/var/cpanel/userdata/nobody]# vi main root@prism [/var/cpanel/userdata/nobody]# rm main.cache rm: remove regular file `main.cache'? y root@prism [/var/cpanel/userdata/nobody]# cd ../training/ root@prism [/var/cpanel/userdata/training]# vi training.nts.wustl.edu_SSL root@prism [/var/cpanel/userdata/training]# /scripts/updateuserdomains root@prism [/var/cpanel/userdata/training]# /scripts/rebuildhttpdconf Built /usr/local/apache/conf/httpd.conf OK root@prism [/var/cpanel/userdata/training]# /etc/init.d/httpd restart Updated Files: =============================== root@prism [/var/cpanel/userdata]# cat /var/cpanel/userdata/nobody/main --- addon_domains: {} main_domain: prism.nts.wustl.edu parked_domains: [] sub_domains: [] root@prism [/var/cpanel/userdata]# cat /var/cpanel/userdata/training/training.nts.wustl.edu_SSL --- documentroot: /home/training/public_html group: training hascgi: 1 homedir: /usr/local/apache/htdocs ip: 128.252.69.1 owner: root phpopenbasedirprotect: 1 port: 443 serveradmin: webmaster@training.nts.wustl.edu serveralias: www.training.nts.wustl.edu servername: training.nts.wustl.edu ssl: 1 sslcacertificatefile: /etc/ssl/certs/training.nts.wustl.edu.cabundle sslcertificatefile: /etc/ssl/certs/training.nts.wustl.edu.crt sslcertificatekeyfile: /etc/ssl/private/training.nts.wustl.edu.key usecanonicalname: 'Off' user: training userdirprotect: -1 The above files generated the following snippet from /usr/local/apache/conf/httpd.conf:suPHP_UserGroup nobody nobody ScriptAlias /cgi-bin/ /home/training/public_html/cgi-bin/ SSLEngine on SSLCertificateFile /etc/ssl/certs/training.nts.wustl.edu.crt SSLCertificateKeyFile /etc/ssl/private/training.nts.wustl.edu.key SSLCACertificateFile /etc/ssl/certs/training.nts.wustl.edu.cabundle CustomLog /usr/local/apache/domlogs/training.nts.wustl.edu-ssl_log combined SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdownSSLOptions +StdEnvVars # To customize this VirtualHost use an include file at the following location # Include "/usr/local/apache/conf/userdata/ssl/2/nobody/training.nts.wustl.edu/*.conf"ServerName training.nts.wustl.edu ServerAlias www.training.nts.wustl.edu DocumentRoot /home/training/public_html ServerAdmin webmaster@training.nts.wustl.edu UseCanonicalName Off CustomLog /usr/local/apache/domlogs/training.nts.wustl.edu combined CustomLog /usr/local/apache/domlogs/training.nts.wustl.edu-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User training # Needed for Cpanel::ApacheConf suPHP_UserGroup training training php4_admin_value open_basedir "/home/training:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp" php5_admin_value open_basedir "/home/training:/usr/lib/php:/usr/local/lib/php:/tmp" php_admin_value open_basedir "/home/training:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp" php_admin_value open_basedir "/home/training:/usr/lib/php:/usr/local/lib/php:/tmp" php_admin_value open_basedir "/home/training:/usr/lib/php:/usr/php4/lib/php:/usr/local/lib/php:/usr/local/php4/lib/php:/tmp" SuexecUserGroup training training ScriptAlias /cgi-bin/ /home/training/public_html/cgi-bin/ SSLEngine on SSLCertificateFile /etc/ssl/certs/training.nts.wustl.edu.crt SSLCertificateKeyFile /etc/ssl/private/training.nts.wustl.edu.key SSLCACertificateFile /etc/ssl/certs/training.nts.wustl.edu.cabundle CustomLog /usr/local/apache/domlogs/training.nts.wustl.edu-ssl_log combined SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdownSSLOptions +StdEnvVars # To customize this VirtualHost use an include file at the following location # Include "/usr/local/apache/conf/userdata/ssl/2/training/training.nts.wustl.edu/*.conf"
Does it matter what type of ssl you are using i have just bought a ev ssl so i dont really want to have to buy a new one. I tried this a guide a couple of times and i cant seem to get it to work. any ideas???
ReplyDeleteIts highly informative. I would be visiting your blog hereafter regularly to gather valuable information. Networking Setup Melbourne
ReplyDelete@Tim - What is the exact problem you are having?
ReplyDelete