access ispconfig panel from FQDN

Discussion in 'Installation/Configuration' started by shiroko, Nov 19, 2014.

  1. shiroko

    shiroko New Member


    During installation to use ispconfig I declared my ugly_webserver_name_ip_address to work on port :8080

    I have a SSL cert for my webserver and I can access admin panel without problem using my ugly_webserver_name_ip_address over a HTTPS protocole.

    The thing is, I'd lilke to access ispconfig panel through our website domain.tld over a HTTPS protocole.

    We do own a SSL cert for that domain.tld
    But when we try to connect to ispcoinfig panel through domain.tld:8080 HTTPS protocole doesn't work anymore, even if we have a valid SSL cert on that domain.tld

    How can I access ispconfig over https://domain.tld:8080 instead of https://ugly_webserver_name_ip_address:8080 ?

    Thanks in advance for your help !
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    you can use any domain or ip address that points to your server to access ispconfig, you dont have to use the hostname. so as soon domain.tld points to the server ip, you can use that.
  3. shiroko

    shiroko New Member

    Hi till,

    Thanks for your reply.
    Indeed, I can access admin panel over our domain.tld:8080

    The only problem I have is I can't use the HTTPS protocole even if I have a valid SSL cert on both ugly_webserver_name_ip_address.tld && domain.tld

    I believe is due to port :8080 and have no idea on how to fix it.
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    The port does not matter for ssl. If you have a valid ssl cert and key for your domain, then replace the cert and key in /usr/local/ispconfig/interface/ssl/ with your official cert and restart apache.
  5. shiroko

    shiroko New Member

    Hi till,

    already done that from start and it works perfectly when I want to access ISPConfig over HTTPS from uglyserver_name_and_IP:8080 but doesn't work from domain.tld:8080, HTTPS is barred (crossed) on the browser.

    This is what I have in /usr/local/ispconfig/interface/ssl :


  6. till

    till Super Moderator Staff Member ISPConfig Developer

    I asked you to replace the ssl cert and key file, noot to create new ones with different names. the name of the files have to be:

  7. shiroko

    shiroko New Member

    Oh !

    F****K Comodo asked me to regenerate a key with a fully qualified name because they didn't want to accept the one I gave with ispserver.key

    What can I do now ?

  8. till

    till Super Moderator Staff Member ISPConfig Developer

    See here:

    thats for startssl but should work for comodo in the same way.

    Btw. your ispsever.crt should have contained a fqdn. Seems as if you entered a partial or wrong domain name then during ssl cert setup during ispconfig install. Your new cert now should work as well, but the names of the files are wrong and the bundle has to be in the .crt file for nginx.
  9. shiroko

    shiroko New Member

    OK, will try to regenerate one and keep you posted
  10. shiroko

    shiroko New Member


    Again, I have the same issue...
    I regenerated a SSL crt using

    I again entered my FQDN ugly_server_name_and_IP.tld

    and comodo issued me a .crt with ugly_server_name_and_IP.tld.crt

    If I ignore that and use the default configuration in /etc/neginx/sites-available/ispconfig.vhost like this :

    ssl_certificate /usr/local/ispconfig/interface/ssl/ispconfig.crt;

    HTTPS will not work unless I change to :
    ssl_certificate /usr/local/ispconfig/interface/ssl/ugly_server_name_and_IP.tld.crt;

    Which has been issued by COMODO.

    What did I missed here ?

    Should I have regenerate a .crt declaring ispconfig instead of ugly_server_name_and_IP in FQDN ?
  11. till

    till Super Moderator Staff Member ISPConfig Developer

    You gave the crt file a wrong name. The name has to be ispconfig.crt and not ugly_server_name_and_IP.tld.crt. So what you have to do is to rename ugly_server_name_and_IP.tld.crt to ispconfig.crt (see startssl tutorial) and then do the same with the .key file and restart nginx.
  12. shiroko

    shiroko New Member

    Even with renaming the .crt with ispserver.crt I can't access my admin panel over a HTTPS protocle through my website :

    There is a problem with this website’s security certificate.
    The security certificate presented by this website was issued for a different website's address.
    Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.  
    We recommend that you close this webpage and do not continue to this website. 
    HTTPS protocole works great if I access admin panel over webserver name.

Share This Page