#1  
Old 18th August 2010, 10:01
AubreyKilian AubreyKilian is offline
Junior Member
 
Join Date: Aug 2010
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Question SSL VirtualHost oddity

Hi All,

I'm experiencing an odd issue with enabling the first SSL'd host on ISPConfig 3. So far, all the virtualhosts were configured to use "*" as the IP Number, so all VHosts have "*:80" in the apache config files.

I just created a new virtualhost that I want to have an SSL certificate on, on which I need to specify the server's IP number as the VirtualHost's IP.
This works 100% perfectly, the vhost comes up, SSL works, perfect.
BUT, what also happens is that every single other virtualhost on the server ends up rendering the SSL'd virtualhost's content. As soon as I change the IP number in ISPConfig back to "*", all the other virtualhosts work as expected, and the new SSL'd one gives an SSL cert error "Issuer not trusted", as it's not picking up the virtualhost's cert, but the server's self-signed one.

I have 2 Listen statements in httpd.conf, one for port 80, one for port 443. I also have 4 NameVirtualHost lines, the *:80 and *:443 ones, and then also the xxx.xxx.xxx.xxx:80 and xxx.xxx.xxx.xxx:443 ones.

This is likely an Apache config issue and not an ispconfig one, but I was just wondering if anybody else has come across this issue before and what the solution was?

Thanks
-Aubrey
Reply With Quote
Sponsored Links
  #2  
Old 19th August 2010, 04:51
giovinazzo giovinazzo is offline
Junior Member
 
Join Date: May 2007
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I am running a fresh install of 3.0.2.2 on Ubuntu 9.10 and I think that I am also experiencing the same problem, but I don't know the solution yet.
I created 2 certificates for 2 vhosts via the web interface, but as soon as I created the second one, accessing the first domain points to the last certificate that was created.
If I restart apache it tells me that there is a certificate conflict on the SSL port.
Any help would be appreciated.
Reply With Quote
  #3  
Old 19th August 2010, 06:57
AubreyKilian AubreyKilian is offline
Junior Member
 
Join Date: Aug 2010
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Quote:
Originally Posted by giovinazzo View Post
I am running a fresh install of 3.0.2.2 on Ubuntu 9.10 and I think that I am also experiencing the same problem, but I don't know the solution yet.
I created 2 certificates for 2 vhosts via the web interface, but as soon as I created the second one, accessing the first domain points to the last certificate that was created.
If I restart apache it tells me that there is a certificate conflict on the SSL port.
Any help would be appreciated.
Not sure it's the same problem as I'm experiencing, you need to remember that each SSL'd virtualhost needs its own IP number on your server, are you specifying a second IP number for your second virtualhost?

-Aubrey
Reply With Quote
  #4  
Old 19th August 2010, 14:43
AubreyKilian AubreyKilian is offline
Junior Member
 
Join Date: Aug 2010
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
 
Thumbs up *Solved* SSL VirtualHost Oddity

Quote:
Originally Posted by AubreyKilian View Post
Hi All,

This is likely an Apache config issue and not an ispconfig one, but I was just wondering if anybody else has come across this issue before and what the solution was?
As I suspected, this was indeed not an ISPConfig problem, but an Apache/mod_ssl problem.
The default mod_ssl config file added a virtualhost called "_default_:443" - which took precedence over my new virtualhost that I created.
The _default_ one didn't have any documentroot or path information, just some SSL settings, including details for a server certificate. This information was picked up first.

Solution: Comment out/remove the whole _default_:443 virtualhost from the mod_ssl config file (/etc/httpd/conf.d/ssl.conf in my case on Centos 5)
Reply With Quote
Reply

Bookmarks

Tags
apache, mod_ssl, ssl

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Creating a SSL certificate - Quick guide SamTzu Tips/Tricks/Mods 22 4th January 2011 13:38
ISPConfig 3.0.0.8 RC1 released till General 92 22nd February 2010 09:52
Issues with MyDNS and ISPConfig 3.0.0.8 koltz General 36 3rd March 2009 15:40
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
PHP doesn't work! JimmiJames Server Operation 1 30th January 2007 12:30


All times are GMT +2. The time now is 23:22.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.