Making SSL default for all domains under ISPConfig3?

Discussion in 'Installation/Configuration' started by zenny, Dec 2, 2013.

  1. zenny

    zenny Member


    Is there a way to make all sites configured with ISPconfig3+SNI defaults to SSL?


  2. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    No, you have no such function inside of ISPConfig.
    You can do it via the remote api, but defaulting each site to SSL would obviously fail as each website needs its own valid certificate.
  3. zenny

    zenny Member

    Obviously, each site needs to have a separate ssl certificate, that is what SNI solves, or did I miss something?

    It can be done manually by redirecting all http connections to https in index file. Just wondering it could be a feature in ispconfig3 ;-)
  4. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    No. SNI resolves that every SSL-site needs a separate IP-address... A cert is always needed for each site, or you need to get a multidomain cert where every single domain is listed in.
  5. zenny

    zenny Member

    FYI, each site has it's own certificates. Thus it is not SNI or site certificate related, but I just want to redirect all sites to SSL which I can do manually by redirecting. I just wish that if there is a built-in feature with ISPConfig3. That's all.
  6. Croydon

    Croydon ISPConfig Developer ISPConfig Developer

    You can alter the /usr/local/ispconfig/server/conf/vhost.master file.
    If you dont work with the domain names but with variables instead:
    RewriteCond %{HTTPS} != on
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
    If you put this inside the vhost master (you should copy it to conf-custom and modify it there) this is taken for each newly created vhost in ispconfig instead of the default one.

Share This Page