Incorrect SSL cert served

Discussion in 'ISPConfig 3 Priority Support' started by ronee, Oct 17, 2014.

  1. ronee

    ronee Member HowtoForge Supporter

    We've been running ispconfig and are very familiar with it. We're running Centos 6.5 and ispconfig on the particular server in question.

    The issue we're having is that SSL requests to a configured site that has SSL enabled, is set to a specific IP and has a purchased SSL cert configured are not being correctly handled by apache. What is happening is the default self signed cert for server is being served instead of the SSL cert configured for the site in question.

    It is clear that SSL requests are hitting the default host in apache instead of the specific virtual host for the site in question, but it is not clear as to why this is happening since DNS is correct, the site seems to be correct configured in ispconfig, correct hostname, etc., and yet the requests are still hitting the default virtual host.

    As a temporary fix, we manually edited the paths in conf.d/ssl.conf to point to the purchased cert and key, etc but we'd like to fix this correctly and determine the cause.

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    apache will show the best matching ssl site for an incoming request. If a ssl website has a matching IP (or *) and domain name, then this site will be shown instead of the default ssl vhost from apache. If requests end up in the default vhost, then take a look at the vhost file of the affected website and check if it has a vhost section for port 443 as well. If it does not had such a section, then ispconfig could not activate ssl e.g. due to a ssl cert / key mismatch or a broken cert was inserted.

Share This Page