Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 17th April 2011, 15:26
serkejal serkejal is offline
Junior Member
 
Join Date: Apr 2011
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default 4 Questions SSL cert, https redirect, WebFtp,Bind

Hi, i have 4 questions about configuration of secure access,web ftp and bind views

1) i've created a SSL cert and redirected the http address for roundcube and phpmyadmin on https and everything is all right. But when a user visits a site created with Ispconfig to acces to the webmail (e.g. http://www.example.com/webmail) the browser will redirect to https correctly but alert the user that the CN of cert doesn't match the site this is because the CN is the main site or the common name of the server. what can i do?would be possibile to redirect all site/webmail to mainsite/webmail to avoid the alert that CN doesn't match?
1a) when i set ssl for a domain , it can be accessed either via http and https , How can i restric to only https?

2) when a user visits the panel ISPConfig via the http is shown a page that warns you to use https ... is possible redirect to https automatically?

3) Can u tell me a good webFTP client compatible with ispconfig?

4) Can i configure Bind for internal and external "view" through Ispconfig?

to create a cert and to redirect traffic i used this post and this tutorial

Last edited by serkejal; 17th April 2011 at 16:48.
Reply With Quote
Sponsored Links
  #2  
Old 17th April 2011, 20:02
ncoc.nl ncoc.nl is offline
Member
 
Join Date: Feb 2011
Posts: 36
Thanks: 3
Thanked 17 Times in 11 Posts
Default

The redirection from http to https can be done in different ways, the first option(s) I think about:

Create a subdomain redirecting to your https site.
Put a php or html page redirecting to your https sit, e.g.:

PHP Code:
<?php 
Header
("Location: https://yourmainsite/webmail");
?>
regards,
Ronald
Reply With Quote
  #3  
Old 17th April 2011, 20:42
serkejal serkejal is offline
Junior Member
 
Join Date: Apr 2011
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by ncoc.nl View Post
The redirection from http to https can be done in different ways, the first option(s) I think about:

Create a subdomain redirecting to your https site.
Put a php or html page redirecting to your https sit, e.g.:

PHP Code:
<?php 
Header
("Location: https://yourmainsite/webmail");
?>
regards,
Ronald
i use to redirect to https the mod_rewrite and mod_ssl in apache configuration file of roundcube and phpmyadmin..the problem is that i want redirect all domain.com/webmail to maindomain.com/webmail (or deactive the access from domain.com/webmail) to pass the ssl check on Common Name..
your solution is good for a subdomain like webmail.domain.com...and the use of a redirect in php or html don't redirect all http query to https but only a particular query..
Reply With Quote
  #4  
Old 17th April 2011, 21:03
ncoc.nl ncoc.nl is offline
Member
 
Join Date: Feb 2011
Posts: 36
Thanks: 3
Thanked 17 Times in 11 Posts
Default

Hi,

Another possibilty is an .htaccess file:

Redirect 301 /webmail https://your mainsite/webmail

Not that nice but it's working
Reply With Quote
  #5  
Old 19th April 2011, 00:05
serkejal serkejal is offline
Junior Member
 
Join Date: Apr 2011
Posts: 11
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I found another way... from this tutorial i have changed this part
Code:
<IfModule mod_rewrite.c>
  <IfModule mod_ssl.c>
    <Location /webmail>
      RewriteEngine on
      RewriteCond %{HTTPS} !^on$ [NC]
      RewriteRule . https://%{HTTP_HOST}:50443%{REQUEST_URI}  [L]
    </Location>
  </IfModule>
</IfModule>
to this.
Code:
<IfModule mod_rewrite.c>
  <IfModule mod_ssl.c>
    <Location /webmail>
      RewriteEngine on
      RewriteCond %{HTTPS} !^on$ [NC,OR]
      RewriteCond %{HTTP_HOST} !^my\.main\.domain:50443 [NC]
      RewriteRule  . https://my.main.domain:50443%{REQUEST_URI} [R,L]
    </Location>
  </IfModule>
</IfModule>
so all domains/webmail is redirected to maindomain/webmail ..
now all the http requests are redirected properly, without certification problems.
otherwise https requests made ​​directly to domain/webmail before being redirected verify the certificate..and give the above error ...I do not think there is a solution ...
Is it ,in these cases, useful to have a wildcard certificate?
can I disable access to ISPConfig RoundCube, phpmyadmin on other domain to force everyone to pass from the primary domain?

and then are also other questions
Reply With Quote
  #6  
Old 19th April 2011, 00:23
ncoc.nl ncoc.nl is offline
Member
 
Join Date: Feb 2011
Posts: 36
Thanks: 3
Thanked 17 Times in 11 Posts
Default

There could be a problem with your solution: firewall issues
What if the choosen port (50443) is blocked?

About your other questions:

I don't use webftp so in this case I do not have an answer.
About your bind question, what do you mean by "Can i configure Bind for internal and external "view" through Ispconfig?"

Possibly the answer is as followed, for ip4 you can add the line:

listen-on { any; };

in /etc/bind/named.conf.options.

This will force bind to listen on all ip addresses (including localhost)

Regards,
Ronald
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Can't use self-signed SSL after adding real SSL cert mrjohn Installation/Configuration 1 11th January 2011 07:31
SSL Cert Question for ISPConfig Access giganet Installation/Configuration 33 28th March 2009 08:56
Generating SSL Cert question satimis Server Operation 4 25th February 2008 16:15
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 18:59
New SSL Cert PoleCat Installation/Configuration 15 4th July 2007 11:13


All times are GMT +2. The time now is 04:34.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.