HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Installation/Configuration (
-   -   HA SSL Setup (

bc2946088 30th March 2012 05:28

HA SSL Setup
I have 2 ISPconfig servers that are setup for redundancy behind my firewall.

I've setup my public IPs on the firewall and then specify internal IP's on each server.

Public - NAT - - Server 1 - - Server 2

It works great, however when I add an SSL site, it breaks the system.

For instance, I will create a new ssl site on the master. I then assign an internal IP on the master server then setup a public IP to NAT to it. - - Server 1

This works fine but then breaks apache on Server 2. The apache entry is created for, which isnt on that server. If I can create on server 2, and edit the apache site, will the site get overwritten? The SSL certificate is a wildcard and it used on both servers, so that shouldn't be a problem.

I will then create a failover group on my firewall to determine which server the user will get sent to.

I just want to make sure that the vhost directive isn't going to get overwritten when I adjust anything on the master. I suppose it's fine, if I edit that particular site, I will just know I need to do manual editing on server 2. If I create a new site entirely, I don't want to have to edit every other site on server 2.


till 30th March 2012 09:20

Sites are only updated when you edit that particular site, not when you create a new one. SSL sites with SNI should work asyou can use * instead of the IP address, but SNI is most likel not what you want.

It is planned to add a IP address translation table in one of the next ispconfig releases to resolve this problem on mirrored setups.

bc2946088 30th March 2012 18:49

That is excellent news. I don't mind adding the site then editing it on the second server. Then any future modifications, I'll edit the virtual hosts directly.


All times are GMT +2. The time now is 02:38.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.