HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Admin and client access to ispconfig with SSL (http://www.howtoforge.com/forums/showthread.php?t=33869)

indesco 19th April 2009 14:26

Admin and client access to ispconfig with SSL
 
Hello everyone,

I am testing ISPconfig3 and came with the following issue:
After installing ISPconfig3 using the manual of SuSe 11.1 perfect server setup with ISPconfig3 I came to the conclusion that there is no initial secure access to the contrle panel.
I have installed ISPconfig to be working on port 8080 and understand that this is not a conventional SSL port. But it should be possible because there are routers and applications like webmin that can bind the SSL service to other ports then 443.

So I check the apache config and came to the conclusion that only the http access is configured in /etc/apache2/sites-available/ispconfig.vhost

In my opinion when accessing a controle panel it should be a secure connection.

Since the server is at home and I have only 1 IP address, all websites hosted will be using the same IP number and should be able to use the same SSL certificate (self signed).

My question is therefor obvious:
How can I activate SSL to access the ISPcontrolpanel? (in detail).
When adding clients can they use the same SSL certificate (knowing that they will get a message from the browser).

Thanks in advance.
Ray

falko 20th April 2009 11:39

Quote:

Originally Posted by indesco (Post 182807)
How can I activate SSL to access the ISPcontrolpanel? (in detail).

Generate an SSL cert and add something like this to the ISPConfig vhost:

Code:

<IfModule mod_ssl.c>
SSLEngine on
SSLCertificateFile /path/to/certificate.crt
SSLCertificateKeyFile /path/to/certificate.key
</IfModule>


Quote:

Originally Posted by indesco (Post 182807)
When adding clients can they use the same SSL certificate (knowing that they will get a message from the browser).

If you have no problem with the warning, then yes.


All times are GMT +2. The time now is 14:50.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.