Navigation

chuckl · #1 11th August 2007, 15:03

A useful article here on using mod_gnutls to enable SSL on multiple name based vhost sites on a single IP address.

http://www.g-loaded.eu/2007/08/10/ss...th-mod_gnutls/

falko · #2 12th August 2007, 14:04

I've read that article also. Unfortunately mod_gnutls seems to be experimental and seems to cause high loads on the server...

But it's an interesting article nevertheless.

axsor · #3 7th September 2007, 14:04

I have tried to add a script alias to the site I have created that has an ssl certificate.

In the Vhosts_ispconfig.conf as below:

<IfModule mod_ssl.c>
<VirtualHost 192.168.0.192:443>
ServerName isp.homenet.local:443
ServerAdmin webmaster@homenet.local
DocumentRoot /var/www/web8/web
ServerAlias homenet.local
DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.
htm
ScriptAlias /cgi-bin/ /var/www/web8/cgi-bin/
ScriptAlias /www.site1.local/cgi-bin/ /var/www/web3/cgi-bin/
Alias /www.site1.local/ /var/www/web3/web/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
ErrorLog /var/www/web8/log/error.log
AddType application/x-httpd-php .php .php3 .php4 .php5
<Files *.php>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php3>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php4>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
<Files *.php5>
SetOutputFilter PHP
SetInputFilter PHP
</Files>
php_admin_flag safe_mode On
php_admin_value open_basedir /var/www/web8/
php_admin_value file_uploads 1
php_admin_value upload_tmp_dir /var/www/web8/phptmp/
php_admin_value session.save_path /var/www/web8/phptmp/
SSLEngine on
SSLCertificateFile /var/www/web8/ssl/isp.homenet.local.crt
SSLCertificateKeyFile /var/www/web8/ssl/isp.homenet.local.key
Alias /error/ "/var/www/web8/web/error/"
ErrorDocument 400 /error/invalidSyntax.html
ErrorDocument 401 /error/authorizationRequired.html
ErrorDocument 403 /error/forbidden.html
ErrorDocument 404 /error/fileNotFound.html
ErrorDocument 405 /error/methodNotAllowed.html
ErrorDocument 500 /error/internalServerError.html
ErrorDocument 503 /error/overloaded.html
AliasMatch ^/~([^/]+)(/(.*))? /var/www/web8/user/$1/web/$3
AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web8/user/$1/web/$3
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>
</IfModule>

When I restart the server it removes the bold lines above. Is there away which i can stop this from happening?

Basically all I want to do is alias https://isp.homenet.local/www.site1.local/ to the root of the web3.

chuckl · #4 7th September 2007, 14:18

Then stop editing ISPConfig's files, it will fight you all the way.

If I am playing with ssl on a site, I disable the ssl in ISPConfig and move the whole entry into the bottom of apache2.conf. There may well be a better way, but that works for me.

kpm · #5 28th December 2008, 20:51

Quote:

Originally Posted by falko

I've read that article also. Unfortunately mod_gnutls seems to be experimental and seems to cause high loads on the server...

But it's an interesting article nevertheless.

After recovering from the initial shock of the costs of purchasing just one ssl certificate from a CA I was glad to find a couple tutorials on line which explain just how to configure Apache's virtual hosts for SSL while only having to purchase one certificate from a CA.

I have spent the last few days reading through the surprisingly few posts and tutorials for setting this up. They all basically point to the gnutls method or your tutorial's method of recompiling OpenSSL with the enable-tlsext directive. I was about to embark down the gnutls road... until I read your post above...

As a result, I would like to go the route of recompiling OpenSSL, however, I am relatively new to this and have not complied of recompiled anything before. My experience is to simply apt-get install and configure. I follow instructions well however, and my question to you is, will your Debain Etch tutorial work on an Ubuntu 8.10 server?

Thanks for this and all the great HowTo's Falko!