Howto integrate SSL Proxy Feature into ISPConfig [SOLVED] Isn't it strange, that there seems to be no demand for a SSL Proxy feature for ISPConfig? I mean, IPs are rare, SSLcerts cost money, so a logical conclusion is to be able to use just one IP & SSLcert for a bunch of hosted sites like this: Use https://ssl.domain.tld/www.domain.tld/ instead of https://www.domain.tld And this is the sslproxy.conf that does the magic (found here): Code: RewriteLock /var/lock/rewrite.lock <VirtualHost 999.888.777.666:443> DocumentRoot "/home/www/web1/html/sslproxy" ServerName ssl.domain.de SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLCertificateFile /etc/httpd/ssl.crt/server.crt SSLCertificateKeyFile /etc/httpd/ssl.key/server.key SSLEngine on # Rewrite-Engine einschalten fuer Umschreiben der URL RewriteEngine on # Logging ausschalten mit folgenden Zeilen: #RewriteLog /dev/null #RewriteLog 0 RewriteLog /var/log/httpd/sslproxy.log RewriteLogLevel 1 RewriteMap lowercase int:tolower RewriteRule ^/icons/(.+) - [L] # Fuer MS Internet Explorer ab Version 6 RewriteRule ^/w3c/(.+) - [L] # Kundendomain in Kleinbuchstaben umwandeln (fuer Datenbank-Lookup) RewriteRule ^/([^/]+)/(.*) /${lowercase:$1}/$2 [S=1] RewriteRule ^/(.*) /${lowercase:$1} # Wenn der Host noch nicht mit ssl.domain.de übereinstimmt dann leite weiter RewriteCond %{HTTP_HOST} !^ssl.domain.de$ RewriteRule ^/(.*) https://ssl.domain.de/%{HTTP_HOST}/$1 [R] # Per Proxy Verbindung zu http://kundendomain/... aufbauen. RewriteRule ^/(.*) http://$1 [P,L] </VirtualHost> Can anybody tell me, how to integrate this into ISPConfig, so that the change does not get automatically overwritten by ISPConfig? Anything else to take care of, when using this feature for all sites managed by ISPConfig? P.S. Wouldn't it make sense, to include this feature into the ISPConfig core?
Add this configuration in your apache2.conf or httpd.conf file right before the include for the Vhost_ispconfig.conf file. Maybe we will integrate this in ISPConfig, I added it as feature request to the bugtracker.