HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Feature Requests (http://www.howtoforge.com/forums/forumdisplay.php?f=17)
-   -   Request Feature Enhancement for ISPConfig 3.x (http://www.howtoforge.com/forums/showthread.php?t=10721)

ptiggerdine 19th February 2007 23:41

Request Feature Enhancement for ISPConfig 3.x
 
Firstly I like to thanks all developers and community members for this great product. Unfortunately I have to use plesk at work but once I can see an opening for ISPConfig I will suggest we go down this path.

Exuse my ignorance if these feature exist already and I just haven't found them.

My RFE is for templates in the domain side of things. Alot of the time we add domain with exactly the same information as the last domain (minus 1 or 2 changes). This would allow replication of the same information (e.g. NS1, NS2 MX A SPF ) much quicker and make it much easier for the resellers.

My Second RFE is for a some sort ISPConfig agent. This would be the first part of have multiple ISPConfig servers being controlled from one central system.

I think both of these feature would allow ISPConfig to be a real force in the data center and allow enterprise/consulting firms to offer commerical support and hence bring more developers and more users to the project.

This is just my 2cents worth.

Thanks inadvance & Regards,

Peter Tiggerdine

falko 20th February 2007 17:42

Quote:

Originally Posted by ptiggerdine
My RFE is for templates in the domain side of things. Alot of the time we add domain with exactly the same information as the last domain (minus 1 or 2 changes). This would allow replication of the same information (e.g. NS1, NS2 MX A SPF ) much quicker and make it much easier for the resellers.

did you check the "Hosting Plans"? Is that what you're looking for?

Quote:

Originally Posted by ptiggerdine
My Second RFE is for a some sort ISPConfig agent. This would be the first part of have multiple ISPConfig servers being controlled from one central system.

We will have something like this in ISPConfig 3. :)

Sheridan 21st February 2007 00:02

Hi to all.

I would like to see support for multiple domains using one ssl cert in 3.x.
At the moment i've to add the needed configuration by hand. Not much of a hassle but would be nice to get this handled by simply checking the ssl option.

Thanks anyway.
Sheridan

martinfst 21st February 2007 08:42

Quote:

Originally Posted by Sheridan
Hi to all.

I would like to see support for multiple domains using one ssl cert in 3.x.
At the moment i've to add the needed configuration by hand. Not much of a hassle but would be nice to get this handled by simply checking the ssl option.

I think you ask two questions.
1. One Cert for multiple domains: this is not possible because of the way ssl is working. SSL Certs work for one domain and one IP. There is a special case for wildcard certs, which will allow multiple system hostnames to authenticate with the same Cert, but that's the only exception.

2. Simply checking the ssl option and less manual steps. Again, not possible, as acquiring an official cert mandates an exchange of information between you and the Certificate Authority (Thawte, Verisign, many others). And for self-signed certs, you only have to do ' create cert' and you're done.

Thanks for thinking with the developers, really appreciate it, but unfortunately your suggestion cannot be realized because of the design of SSL.

djtremors 21st February 2007 11:11

Quote:

Originally Posted by ptiggerdine
My RFE is for templates in the domain side of things. Alot of the time we add domain with exactly the same information as the last domain (minus 1 or 2 changes). This would allow replication of the same information (e.g. NS1, NS2 MX A SPF ) much quicker and make it much easier for the resellers.

I know what you mean. Best you can do is alter the master conf file which is used as a template when sites are changed or added.

eg.
/root/ispconfig/isp/conf/pri.domain.master
/root/ispconfig/isp/conf/vhost.conf.master
etc.

But these would be global and not per hosting plan which would've been good.

There alot more that ISPC could do but without making it more complex and alot of changes to existing code, all you can do is modify what you got.

I've been playing around with inserting Includes() in parts of ISPC to call my own routines which makes plugging functions in easier... catch is new updates I have to reenter it in. *sigh*

Sheridan 6th March 2007 20:27

Quote:

Originally Posted by martinfst
I think you ask two questions.
1. One Cert for multiple domains: this is not possible because of the way ssl is working. SSL Certs work for one domain and one IP. There is a special case for wildcard certs, which will allow multiple system hostnames to authenticate with the same Cert, but that's the only exception.

I think i have to give you an example on what i mean with one cert for multiple domains.

Let's think about a server that has the following hostname "server1.mydomain.com". server1.mydomain.com also exists as a valid dns A-record.
So you now create a cert for "server1.mydomain.com". Then you have to configure apache to use name-based virtual hosts for <yourip>:443 like in the following example:


Code:

<IfModule mod_ssl.c>
NameVirtualHost <ip-address>:443

<VirtualHost <ip-address>:443>
        ServerName www.domain1.com:443
        ServerAdmin admin@domain1.com
        DocumentRoot /var/www/web1/web
        ServerAlias domain1.com
        .....
</VirtualHost>

<VirtualHost <ip-address>:443>
        ServerName www.domain2.com:443
        ServerAdmin admin@domain2.com
        DocumentRoot /var/www/web2/web
        ServerAlias domain2.com
        .....
</VirtualHost>

.....
</IfModule>

Maybe calling that "one cert for multiple domains" has been confusing, but the above configuration is definitely working and valid. Plesk, for example, supports that kind of apache configuration. I think it's the default behaviour until you upload or create your own cert.


greets
Sheridan

falko 7th March 2007 19:04

But the certificate for server1.mydomain.com will not be valid for www.domain1.com and www.domain2.com...

Sheridan 8th March 2007 20:06

Quote:

Originally Posted by falko
But the certificate for server1.mydomain.com will not be valid for www.domain1.com and www.domain2.com...

But it's enough for most small webpages on shared servers to get an encrypted connection without having an official "valid" cert. I know that a cert only for one domain is the correct solution, but you don't always have enough ip's for that.

Anyway. Would be nice to have support for that kind of setup, maybe with a big warning flashing into the admin's face when checking the approriate option. :D

greets
Sheridan

nevis2us 22nd May 2007 20:47

I second this move
 
Lack of support for wildcard certificates is a real nuisance in ispconfig.
Neither we nor our customers care much of what the apache docs say.
This works and this is being used by many hosting providers. So why not?
Thanks

till 23rd May 2007 09:47

Quote:

Originally Posted by nevis2us
Lack of support for wildcard certificates is a real nuisance in ispconfig.
Neither we nor our customers care much of what the apache docs say.
This works and this is being used by many hosting providers. So why not?
Thanks

Wildcard SSL certificates are a wildcard for subdomains, e.g. *.domain.com but they are not valid for just every domain (*). If you need this feature so urgently, feel free to contribute to the development :)


All times are GMT +2. The time now is 03:51.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.