Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Feature Requests

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 20th February 2007, 00:41
ptiggerdine ptiggerdine is offline
Junior Member
 
Join Date: Feb 2007
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Smile Request Feature Enhancement for ISPConfig 3.x

Firstly I like to thanks all developers and community members for this great product. Unfortunately I have to use plesk at work but once I can see an opening for ISPConfig I will suggest we go down this path.

Exuse my ignorance if these feature exist already and I just haven't found them.

My RFE is for templates in the domain side of things. Alot of the time we add domain with exactly the same information as the last domain (minus 1 or 2 changes). This would allow replication of the same information (e.g. NS1, NS2 MX A SPF ) much quicker and make it much easier for the resellers.

My Second RFE is for a some sort ISPConfig agent. This would be the first part of have multiple ISPConfig servers being controlled from one central system.

I think both of these feature would allow ISPConfig to be a real force in the data center and allow enterprise/consulting firms to offer commerical support and hence bring more developers and more users to the project.

This is just my 2cents worth.

Thanks inadvance & Regards,

Peter Tiggerdine
Reply With Quote
Sponsored Links
  #2  
Old 20th February 2007, 18:42
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,748 Times in 2,579 Posts
Default

Quote:
Originally Posted by ptiggerdine
My RFE is for templates in the domain side of things. Alot of the time we add domain with exactly the same information as the last domain (minus 1 or 2 changes). This would allow replication of the same information (e.g. NS1, NS2 MX A SPF ) much quicker and make it much easier for the resellers.
did you check the "Hosting Plans"? Is that what you're looking for?

Quote:
Originally Posted by ptiggerdine
My Second RFE is for a some sort ISPConfig agent. This would be the first part of have multiple ISPConfig servers being controlled from one central system.
We will have something like this in ISPConfig 3.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 21st February 2007, 01:02
Sheridan Sheridan is offline
Junior Member
 
Join Date: Jun 2006
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Hi to all.

I would like to see support for multiple domains using one ssl cert in 3.x.
At the moment i've to add the needed configuration by hand. Not much of a hassle but would be nice to get this handled by simply checking the ssl option.

Thanks anyway.
Sheridan
Reply With Quote
  #4  
Old 21st February 2007, 09:42
martinfst martinfst is offline
Senior Member
 
Join Date: Dec 2006
Location: Hilversum, The Netherlands
Posts: 880
Thanks: 1
Thanked 18 Times in 17 Posts
Send a message via MSN to martinfst Send a message via Skype™ to martinfst
Default

Quote:
Originally Posted by Sheridan
Hi to all.

I would like to see support for multiple domains using one ssl cert in 3.x.
At the moment i've to add the needed configuration by hand. Not much of a hassle but would be nice to get this handled by simply checking the ssl option.
I think you ask two questions.
1. One Cert for multiple domains: this is not possible because of the way ssl is working. SSL Certs work for one domain and one IP. There is a special case for wildcard certs, which will allow multiple system hostnames to authenticate with the same Cert, but that's the only exception.

2. Simply checking the ssl option and less manual steps. Again, not possible, as acquiring an official cert mandates an exchange of information between you and the Certificate Authority (Thawte, Verisign, many others). And for self-signed certs, you only have to do ' create cert' and you're done.

Thanks for thinking with the developers, really appreciate it, but unfortunately your suggestion cannot be realized because of the design of SSL.
Reply With Quote
  #5  
Old 21st February 2007, 12:11
djtremors djtremors is offline
Senior Member
 
Join Date: Apr 2006
Location: Sydney
Posts: 278
Thanks: 0
Thanked 13 Times in 11 Posts
Default

Quote:
Originally Posted by ptiggerdine
My RFE is for templates in the domain side of things. Alot of the time we add domain with exactly the same information as the last domain (minus 1 or 2 changes). This would allow replication of the same information (e.g. NS1, NS2 MX A SPF ) much quicker and make it much easier for the resellers.
I know what you mean. Best you can do is alter the master conf file which is used as a template when sites are changed or added.

eg.
/root/ispconfig/isp/conf/pri.domain.master
/root/ispconfig/isp/conf/vhost.conf.master
etc.

But these would be global and not per hosting plan which would've been good.

There alot more that ISPC could do but without making it more complex and alot of changes to existing code, all you can do is modify what you got.

I've been playing around with inserting Includes() in parts of ISPC to call my own routines which makes plugging functions in easier... catch is new updates I have to reenter it in. *sigh*
Reply With Quote
  #6  
Old 6th March 2007, 21:27
Sheridan Sheridan is offline
Junior Member
 
Join Date: Jun 2006
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by martinfst
I think you ask two questions.
1. One Cert for multiple domains: this is not possible because of the way ssl is working. SSL Certs work for one domain and one IP. There is a special case for wildcard certs, which will allow multiple system hostnames to authenticate with the same Cert, but that's the only exception.
I think i have to give you an example on what i mean with one cert for multiple domains.

Let's think about a server that has the following hostname "server1.mydomain.com". server1.mydomain.com also exists as a valid dns A-record.
So you now create a cert for "server1.mydomain.com". Then you have to configure apache to use name-based virtual hosts for <yourip>:443 like in the following example:


Code:
<IfModule mod_ssl.c>
NameVirtualHost <ip-address>:443

<VirtualHost <ip-address>:443>
        ServerName www.domain1.com:443
        ServerAdmin admin@domain1.com
        DocumentRoot /var/www/web1/web
        ServerAlias domain1.com
        .....
</VirtualHost>

<VirtualHost <ip-address>:443>
        ServerName www.domain2.com:443
        ServerAdmin admin@domain2.com
        DocumentRoot /var/www/web2/web
        ServerAlias domain2.com
        .....
</VirtualHost>

.....
</IfModule>
Maybe calling that "one cert for multiple domains" has been confusing, but the above configuration is definitely working and valid. Plesk, for example, supports that kind of apache configuration. I think it's the default behaviour until you upload or create your own cert.


greets
Sheridan
Reply With Quote
  #7  
Old 7th March 2007, 20:04
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,748 Times in 2,579 Posts
Default

But the certificate for server1.mydomain.com will not be valid for www.domain1.com and www.domain2.com...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #8  
Old 8th March 2007, 21:06
Sheridan Sheridan is offline
Junior Member
 
Join Date: Jun 2006
Posts: 26
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by falko
But the certificate for server1.mydomain.com will not be valid for www.domain1.com and www.domain2.com...
But it's enough for most small webpages on shared servers to get an encrypted connection without having an official "valid" cert. I know that a cert only for one domain is the correct solution, but you don't always have enough ip's for that.

Anyway. Would be nice to have support for that kind of setup, maybe with a big warning flashing into the admin's face when checking the approriate option.

greets
Sheridan
Reply With Quote
  #9  
Old 22nd May 2007, 21:47
nevis2us nevis2us is offline
Junior Member
 
Join Date: May 2007
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default I second this move

Lack of support for wildcard certificates is a real nuisance in ispconfig.
Neither we nor our customers care much of what the apache docs say.
This works and this is being used by many hosting providers. So why not?
Thanks

Last edited by nevis2us; 22nd May 2007 at 21:50.
Reply With Quote
  #10  
Old 23rd May 2007, 10:47
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 36,804
Thanks: 840
Thanked 5,613 Times in 4,424 Posts
 
Default

Quote:
Originally Posted by nevis2us
Lack of support for wildcard certificates is a real nuisance in ispconfig.
Neither we nor our customers care much of what the apache docs say.
This works and this is being used by many hosting providers. So why not?
Thanks
Wildcard SSL certificates are a wildcard for subdomains, e.g. *.domain.com but they are not valid for just every domain (*). If you need this feature so urgently, feel free to contribute to the development
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
WG311v2 almost working with Edgy (w/o ndiswrapper) need help with the rest caudata Server Operation 11 13th November 2006 21:02


All times are GMT +2. The time now is 19:36.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.