multiple ssl sites

Discussion in 'Developers' Forum' started by blocker, Aug 13, 2009.

  1. blocker

    blocker Member

    Hello,

    is it possible with some hardcore apache config change to have multiple ssl sites running on ispc2 server?
    I have noticed that the ispc3 can do that.

    Thanks!
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    You can run as many SSL sites in ispconfig 2 as you like. Just add as many IP addresses as you need SSL sites and then assign one IP per ssl site. Exactly as it is done in ispconfig 3.
     
  3. greenpete

    greenpete New Member

    I guess by 'add as many IP addresses as you need' you mean internal IP's?
    If so do you need to configure the routers firewall to point to port 80 as well as to the main IP of the server?
    Thanks.
     
  4. Ben

    Ben New Member Moderator HowtoForge Supporter ISPConfig Developer

    No the external IP is meant or let's say the IP the browser will connect to.
    So different ssl hosts are only possible if you can provide a different ip and port combination per cert, e.g.
    1.2.3.4 Port 443 -> CERT1 / Host 1
    1.2.3.4 Port "444" -> CERT 2 / Host 2
    1.2.3.5 Port 443 -> CERT 3 / Host 3.

    So in case you have your ispconfig behind a router you need to have as many official IPs as you need + forwarding / NATing them to the appropriate internal address.
     
  5. greenpete

    greenpete New Member

    So let me get this straight, I have only one external IP address, but that's all I need?
    I am behind a NAT firewall and I can port forward.
    So I set up the website in question with it's own internal IP say 192.168.0.100 and I set the port in ISPConfig for that site to say 445, though I can't see where I would do that.
    Then set a port forward on my router to send and requests for the domain in question to that port and ISPConfig will do the rest, have I got that right?
    Thanks.
     
  6. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    The HTTPS port (443) is hardcoded in ISPConfig 2, so you cannot change it.
     
  7. Ben

    Ben New Member Moderator HowtoForge Supporter ISPConfig Developer

  8. TheBirdMan

    TheBirdMan New Member

    adding a second IP

    Hi,

    This is probably a silly question but I must be missing a step. :confused:

    I configured a second public IP to point to a second private IP (ispconfig 2) on the same server. Added it under settings and then selected the site I want to use the additional ssl cert for.

    10.0.0.1 -> 192.168.1.100 server1/website1
    10.0.0.2 -> 192.168.1.101 server1/website2

    Not working because it can't find the second private IP i addeed (can't ping it). Does it magically work under the primary IP or do I need to somehow add the second ip to the NIC?

    Any help would be greatly appreciated.

    Scott
     
  9. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    You have to add the second IP also to your network card, otherwise your server will not listen on that IP.
     
  10. TheBirdMan

    TheBirdMan New Member

    valid ssl cert for webmail

    That worked great thanks,

    One last question -

    The sites in isp manager are using valid certs now but how do I replace the cert for webmail and secure mail https://mail.mydomain.com:81/webmail and ports 995 and 465? every things working with server generated certs but I need to replace them with a verified one.

    Thank you guys again for your support,

    Scott
     

Share This Page