- A normal user with a SSL website uploaded a SSL certificate into virtualmin PRO.
- Virtualmin PRO accepted the certificate, configured apache and restarted it
- Apache didn't restart, Virtualmin just simply outputed:
...failed
1) no automatic "undo" of the faulty operation and restart of websert
2) no email/notification to admin
3) verification of certs different from apache (which is almost unavoidable)
The automatic restarts failed too, since apache didn't like the cert that virtualmin liked:
[Sun Dec 14 20:43:29 2008] [error] Init: Unable to read server certificate from file /home/username/ssl.cert
[Sun Dec 14 20:43:29 2008] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
[Sun Dec 14 20:43:29 2008] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
Simply removing the certs (NO delete function either !) by disabling the SSL site feature of that website fixed the bug, but at restart step it wrote something like:
no restart, server stopped
but then we had to MANUALLY restart the webserver.
Marking this as critical, since it stops the service, and this is a show-stopper for us to go out of beta-tests.
We can probably provide privately the cert (with the user (beta tester)'s prior consent), if needed.