Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 30th July 2009, 09:49
AlArenal AlArenal is offline
Senior Member
 
Join Date: Feb 2007
Location: Germany
Posts: 104
Thanks: 1
Thanked 5 Times in 5 Posts
Default Multiple Domains (with SSL), one site?

Hi!

By client request I need a config tool that allows multiple domains (some secured by SSL certificate) to point to the same site, where they are served by a single Drupal multisite installation. Also mail addresses and boxes have to be managed per domain, not per web.

I have to admit, that I have not worked with ISPC3 by now. All my current servers use ISPC2.

Thanks,
Alex
Reply With Quote
Sponsored Links
  #2  
Old 30th July 2009, 10:16
NdK NdK is offline
Member
 
Join Date: Jul 2009
Location: Bologna, ITA
Posts: 41
Thanks: 1
Thanked 3 Times in 1 Post
Default

Having multiple SSL certificates is a real pain. And it's quite slow! Don't do it -- tell the client that it costs too much (if he asks HOW much, tell him at least 20 times what you'd ask for a "normal" one).

The only way the server have to know which site the user is trying to access is trying ALL the certificates (using the private keys). *UNLESS* your client accepts to have an explicit port number in the URL. Or you have access to a different IP for every SSL certificate and then redirect to the same virtual host.

I did it some years ago and wouldn't do it again.
Reply With Quote
  #3  
Old 30th July 2009, 10:33
AlArenal AlArenal is offline
Senior Member
 
Join Date: Feb 2007
Location: Germany
Posts: 104
Thanks: 1
Thanked 5 Times in 5 Posts
Default

Hm.. I've been told that the installation currently holds five sites of which two are secured by SSL. Would you say in such a rather slim use-case the performance penalty would be significant, too?

Also, coming back to my original question, can such a setup be implemented with ISPC3 out of the box?
Reply With Quote
  #4  
Old 30th July 2009, 11:10
NdK NdK is offline
Member
 
Join Date: Jul 2009
Location: Bologna, ITA
Posts: 41
Thanks: 1
Thanked 3 Times in 1 Post
Default

Quote:
Originally Posted by AlArenal View Post
Hm.. I've been told that the installation currently holds five sites of which two are secured by SSL. Would you say in such a rather slim use-case the performance penalty would be significant, too?
It's a 100% impact on performance -- every SSL request takes about twice the time it would take on a single-certificate config.

Quote:
Originally Posted by AlArenal View Post
Also, coming back to my original question, can such a setup be implemented with ISPC3 out of the box?
Sorry, I can't answer to this... I just started using ISPConfig (less than a week!).
Reply With Quote
  #5  
Old 3rd August 2009, 09:06
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 35,976
Thanks: 825
Thanked 5,369 Times in 4,216 Posts
Default

Quote:
Originally Posted by AlArenal View Post
Hi!

By client request I need a config tool that allows multiple domains (some secured by SSL certificate) to point to the same site, where they are served by a single Drupal multisite installation. Also mail addresses and boxes have to be managed per domain, not per web.

I have to admit, that I have not worked with ISPC3 by now. All my current servers use ISPC2.

Thanks,
Alex
I guess a multidomain certificate should work for this.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #6  
Old 3rd August 2009, 12:43
NdK NdK is offline
Member
 
Join Date: Jul 2009
Location: Bologna, ITA
Posts: 41
Thanks: 1
Thanked 3 Times in 1 Post
 
Default

Quote:
Originally Posted by till View Post
I guess a multidomain certificate should work for this.
IIUC multidomain certificates just "group" many domains in a single certificate.

They could be good if you already have the whole domains list when you get your certificate signed by the CA. The only alternative (if you have domains that often come&go) could be a certificate bound to the IP address...
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
client site ssl blocker General 2 24th June 2009 15:58
Exim Gateway with mailwatch (Unable to receive emails) siul0_0 HOWTO-Related Questions 10 8th May 2009 23:00
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
SSL Issue - Unable to connect to any site Menzor Installation/Configuration 4 27th May 2007 04:03
SSL Multiple domains Randy Installation/Configuration 6 15th September 2006 15:01


All times are GMT +2. The time now is 17:34.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.