Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration
Reload this Page How to configure multiple SSL with one IP
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 5th February 2013, 15:17
Erjen Erjen is offline
Junior Member
  
Join Date: Feb 2013
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default How to configure multiple SSL with one IP
Hi,

In the first place, thanks for the great product!

I am trying to configure multiple SSL websites on one IP address.
So I checked SNI and configured an IP address to a client and in the website I changed IPv4 * to IPv4 [IP address]. And the last step I did also on my other website.

But after that, if I use just http in the browser, it's not connecting to the website but to the "It Works!" Apache page. And if I use https it connects to the first configured website with SSL.

What am I doing wrong? It should work with SNI right?

Thanks in advance for the help!


--------------------
I am using Debian with ISPConfig 3.0.4.6 and Apache 2.2.16
--------------------
Last edited by Erjen; 5th February 2013 at 15:24. Reason: Server details
Reply With Quote
Sponsored Links
  #2  
Old 6th February 2013, 13:18
falko falko is offline
Super Moderator
  
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,665
Thanks: 1,896
Thanked 2,594 Times in 2,445 Posts
Default
Can you post both vhost configurations?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 6th February 2013, 14:24
Erjen Erjen is offline
Junior Member
  
Join Date: Feb 2013
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Thanks for your response Falko.

Can I PM those files to you? I don't like to make them public.

And I found out that if I use the same IP address on the same website, both aren't working, nor the SSL connection, unlike i said before.

Thanks again.
Reply With Quote
  #4  
Old 9th February 2013, 10:55
Erjen Erjen is offline
Junior Member
  
Join Date: Feb 2013
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default
I still can't figure it out.. And I guess I can't PM you the files so then I will just post them here and changed the two domains with [domain] and [domain2].

I would really appreciate it if you can help me out!
Thanks!

[domain].vhost
Code:
<Directory /var/www/[domain].nl>
    AllowOverride None
    Order Deny,Allow
    Deny from all
</Directory>

<VirtualHost [external IP address]:80>
      DocumentRoot /var/www/[domain].nl/web
  
    ServerName [domain].nl
    ServerAlias www.[domain].nl
    ServerAdmin webmaster@[domain].nl

    ErrorLog /var/log/ispconfig/httpd/[domain].nl/error.log

    Alias /error/ "/var/www/[domain].nl/web/error/"
    ErrorDocument 400 /error/400.html
    ErrorDocument 401 /error/401.html
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 405 /error/405.html
    ErrorDocument 500 /error/500.html
    ErrorDocument 502 /error/502.html
    ErrorDocument 503 /error/503.html

    <IfModule mod_ssl.c>
    </IfModule>

    <Directory /var/www/[domain].nl/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/client3/web14/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>



    # suexec enabled
    <IfModule mod_suexec.c>
      SuexecUserGroup web14 client3
    </IfModule>
    # Clear PHP settings of this website
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler None
    </FilesMatch>
    # php as fast-cgi enabled
	# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
    <IfModule mod_fcgid.c>
        IdleTimeout 300
        ProcessLifeTime 3600
        # MaxProcessCount 1000
        DefaultMinClassProcessCount 0
        DefaultMaxClassProcessCount 100
        IPCConnectTimeout 3
        IPCCommTimeout 360
        BusyTimeout 300
    </IfModule>
    <Directory /var/www/[domain].nl/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web14/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/client3/web14/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web14/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>


    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
      AssignUserId web14 client3
    </IfModule>

    <IfModule mod_dav_fs.c>
	  # Do not execute PHP files in webdav directory
      <Directory /var/www/clients/client3/web14/webdav>
	    <FilesMatch "\.ph(p3?|tml)$">
          SetHandler None
        </FilesMatch>
      </Directory>
      DavLockDB /var/www/clients/client3/web14/tmp/DavLock
      # DO NOT REMOVE THE COMMENTS!
      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
      # WEBDAV END
    </IfModule>


</VirtualHost>
<VirtualHost [external IP address]:443>
      DocumentRoot /var/www/[domain].nl/web
  
    ServerName [domain].nl
    ServerAlias www.[domain].nl
    ServerAdmin webmaster@[domain].nl

    ErrorLog /var/log/ispconfig/httpd/[domain].nl/error.log

    Alias /error/ "/var/www/[domain].nl/web/error/"
    ErrorDocument 400 /error/400.html
    ErrorDocument 401 /error/401.html
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 405 /error/405.html
    ErrorDocument 500 /error/500.html
    ErrorDocument 502 /error/502.html
    ErrorDocument 503 /error/503.html

    <IfModule mod_ssl.c>
	SSLEngine on
    SSLCertificateFile /var/www/clients/client3/web14/ssl/www.[domain].nl.crt
    SSLCertificateKeyFile /var/www/clients/client3/web14/ssl/www.[domain].nl.key
    </IfModule>

    <Directory /var/www/[domain].nl/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/client3/web14/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>



    # suexec enabled
    <IfModule mod_suexec.c>
      SuexecUserGroup web14 client3
    </IfModule>
    # Clear PHP settings of this website
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler None
    </FilesMatch>
    # php as fast-cgi enabled
	# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
    <IfModule mod_fcgid.c>
        IdleTimeout 300
        ProcessLifeTime 3600
        # MaxProcessCount 1000
        DefaultMinClassProcessCount 0
        DefaultMaxClassProcessCount 100
        IPCConnectTimeout 3
        IPCCommTimeout 360
        BusyTimeout 300
    </IfModule>
    <Directory /var/www/[domain].nl/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web14/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/client3/web14/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web14/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>


    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
      AssignUserId web14 client3
    </IfModule>

    <IfModule mod_dav_fs.c>
	  # Do not execute PHP files in webdav directory
      <Directory /var/www/clients/client3/web14/webdav>
	    <FilesMatch "\.ph(p3?|tml)$">
          SetHandler None
        </FilesMatch>
      </Directory>
      DavLockDB /var/www/clients/client3/web14/tmp/DavLock
      # DO NOT REMOVE THE COMMENTS!
      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
      # WEBDAV END
    </IfModule>


</VirtualHost>
[domain2].vhost
Code:
<Directory /var/www/[domain2].nl>
    AllowOverride None
    Order Deny,Allow
    Deny from all
</Directory>

<VirtualHost [external IP address]:80>
      DocumentRoot /var/www/[domain2].nl/web
  
    ServerName [domain2].nl
    ServerAlias www.[domain2].nl
    ServerAdmin webmaster@[domain2].nl

    ErrorLog /var/log/ispconfig/httpd/[domain2].nl/error.log

    Alias /error/ "/var/www/[domain2].nl/web/error/"
    ErrorDocument 400 /error/400.html
    ErrorDocument 401 /error/401.html
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 405 /error/405.html
    ErrorDocument 500 /error/500.html
    ErrorDocument 502 /error/502.html
    ErrorDocument 503 /error/503.html

    <IfModule mod_ssl.c>
    </IfModule>

    <Directory /var/www/[domain2].nl/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/210220203/web15/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>



    # suexec enabled
    <IfModule mod_suexec.c>
      SuexecUserGroup web15 client3
    </IfModule>
    # Clear PHP settings of this website
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler None
    </FilesMatch>
    # php as fast-cgi enabled
	# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
    <IfModule mod_fcgid.c>
        IdleTimeout 300
        ProcessLifeTime 3600
        # MaxProcessCount 1000
        DefaultMinClassProcessCount 0
        DefaultMaxClassProcessCount 100
        IPCConnectTimeout 3
        IPCCommTimeout 360
        BusyTimeout 300
    </IfModule>
    <Directory /var/www/[domain2].nl/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web15/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/210220203/web15/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web15/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>


    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
      AssignUserId web15 client3
    </IfModule>

    <IfModule mod_dav_fs.c>
	  # Do not execute PHP files in webdav directory
      <Directory /var/www/clients/210220203/web15/webdav>
	    <FilesMatch "\.ph(p3?|tml)$">
          SetHandler None
        </FilesMatch>
      </Directory>
      DavLockDB /var/www/clients/210220203/web15/tmp/DavLock
      # DO NOT REMOVE THE COMMENTS!
      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
      # WEBDAV END
    </IfModule>


</VirtualHost>
<VirtualHost [external IP address]:443>
      DocumentRoot /var/www/[domain2].nl/web
  
    ServerName [domain2].nl
    ServerAlias www.[domain2].nl
    ServerAdmin webmaster@[domain2].nl

    ErrorLog /var/log/ispconfig/httpd/[domain2].nl/error.log

    Alias /error/ "/var/www/[domain2].nl/web/error/"
    ErrorDocument 400 /error/400.html
    ErrorDocument 401 /error/401.html
    ErrorDocument 403 /error/403.html
    ErrorDocument 404 /error/404.html
    ErrorDocument 405 /error/405.html
    ErrorDocument 500 /error/500.html
    ErrorDocument 502 /error/502.html
    ErrorDocument 503 /error/503.html

    <IfModule mod_ssl.c>
	SSLEngine on
    SSLCertificateFile /var/www/clients/210220203/web15/ssl/www.[domain2].nl.crt
    SSLCertificateKeyFile /var/www/clients/210220203/web15/ssl/www.[domain2].nl.key
    </IfModule>

    <Directory /var/www/[domain2].nl/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/210220203/web15/web>
        Options FollowSymLinks
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>



    # suexec enabled
    <IfModule mod_suexec.c>
      SuexecUserGroup web15 client3
    </IfModule>
    # Clear PHP settings of this website
    <FilesMatch "\.ph(p3?|tml)$">
        SetHandler None
    </FilesMatch>
    # php as fast-cgi enabled
	# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
    <IfModule mod_fcgid.c>
        IdleTimeout 300
        ProcessLifeTime 3600
        # MaxProcessCount 1000
        DefaultMinClassProcessCount 0
        DefaultMaxClassProcessCount 100
        IPCConnectTimeout 3
        IPCCommTimeout 360
        BusyTimeout 300
    </IfModule>
    <Directory /var/www/[domain2].nl/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web15/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>
    <Directory /var/www/clients/210220203/web15/web>
        AddHandler fcgid-script .php .php3 .php4 .php5
        FCGIWrapper /var/www/php-fcgi-scripts/web15/.php-fcgi-starter .php
        Options +ExecCGI
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>


    # add support for apache mpm_itk
    <IfModule mpm_itk_module>
      AssignUserId web15 client3
    </IfModule>

    <IfModule mod_dav_fs.c>
	  # Do not execute PHP files in webdav directory
      <Directory /var/www/clients/210220203/web15/webdav>
	    <FilesMatch "\.ph(p3?|tml)$">
          SetHandler None
        </FilesMatch>
      </Directory>
      DavLockDB /var/www/clients/210220203/web15/tmp/DavLock
      # DO NOT REMOVE THE COMMENTS!
      # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
      # WEBDAV BEGIN
      # WEBDAV END
    </IfModule>


</VirtualHost>
Reply With Quote
  #5  
Old 12th February 2013, 12:56
Erjen Erjen is offline
Junior Member
  
Join Date: Feb 2013
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Well, I just installed ISPConfig 3.0.5 RC1, very interesting version. It solves a lot of problems like now I can choose if the user may use SSL.

But still, I can't figure out how to configure SSL on one IP-address. it's still not working, even in 3.0.5 RC1 I can't get it to work properly with multiple sites on 1 IP address. Can someone please explain how I have to configure it?

Thanks thanks.
Reply With Quote
  #6  
Old 14th February 2013, 13:33
Erjen Erjen is offline
Junior Member
  
Join Date: Feb 2013
Posts: 5
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Its finally working.. pff not really much help here but that's probably just me.

The problem was with the current stable version (3.0.4.6) that you can bring the Apache server down by signing a wrong .crt.
So before, I deleted everything related to SSL to be able to start the Apache server again. But I also deleted
Code:
NameVirtualHost *:443
from /etc/apache2/ports.conf.

I replaced that rule and everything is working fine now! And also, you shouldn't choose an IP in sites in ISPConfig, just leave the *.

cheers
Last edited by Erjen; 14th February 2013 at 13:36.
Reply With Quote
Reply

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Hybrid Mode Hybrid Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ISPConfig3 How to have multiple manually created port based SSL client sites hosts zapyahoo Installation/Configuration 10 20th January 2013 16:01
ssl and multiple virtual hosts in apache max123 Server Operation 4 20th November 2012 15:00
Need help with ISPConfig 3 Update midcarolina Installation/Configuration 36 8th November 2011 22:07
Ubuntu 10.04 VS ISPConfig 2.2.37 Bicet Installation/Configuration 7 9th March 2011 15:58
Companion Script #2 for The Perfect Server - Fedora 13 x86_64 [ISPConfig 3]" MrCompTech Tips/Tricks/Mods 0 10th July 2010 05:11


All times are GMT +2. The time now is 14:52.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.