View Single Post
  #6  
Old 31st March 2013, 15:58
midcarolina midcarolina is offline
Senior Member
 
Join Date: Jul 2011
Posts: 254
Thanks: 1
Thanked 5 Times in 5 Posts
Default SNI Disabled

The best method to avoid this SSL error is to disable the SNI feature completely. Prior to the SNI option set in ISPConfig, I ran my servers as such:

WAN IP for main DNS (Public static), then

LAN IP I only use one: e.g 192.168.11.XX

I have 5 shared boxes running this set-up (no extra LAN ips) and all browsers resolve them just fine without this feature.

Some may or may not know - Android OS, iOS, Blackberry, etc. smartphones, tablets and such tend to give SSL's a harder time.

I haven't had a single issue as long as I validated them with a CA Authority.

Best solution as of today - $5.99 Godaddy cert. Works fine running:

Static WAN IP >> LAN IP (in ISPConfig) without SNI. One box has perhaps 15 or so SSLs on the exact same LAN IP (192.168.11.XX) with no issues in browsers or tablets, smartphones, mobile web, mobile apps, etc....

Best...

P.S. This is using Apache 2.2, not nginx (have no knowledge of nginx), so please restart apache server after reconfiguration.

Last edited by midcarolina; 31st March 2013 at 16:08. Reason: Left out important conclusion!
Reply With Quote