phpMyAdmin SSL and Alias config

Discussion in 'General' started by zkvvoob, Aug 20, 2016.

  1. zkvvoob

    zkvvoob Member

    Hello,
    My ISPconfig is the following:
    - https://server.maindomain.com:8080 - using Let's Encrypt SSL cert
    - multiple vhosts, maindomain.com also using another Let's Encrypt cert
    - phpMyAdmin using the default configuration with an alias for all domains
    As a result, if I go from a DB button link in the ISPConfig web interface to https://sever.maindomain.com/phpmyadmin, all browsers report an invalid SSL and they try to use the one for maindomain.com, instead of the one for server.maindomain.com.

    So here's my question - how can I limit the use of PHPMyAdmin to only server.maindomain.com/phpmyadmin and how to set it so that it gets to correct SSL certificate?

    Thank you!
     
  2. Jesse Norell

    Jesse Norell Active Member

    Start with configuring ispconfig to send users there when clicking the DB button (System > Main Config > PHPMyAdmin URL). That may be enough for your needs, but if you really want to limit access to phpmyadmin to other names can't be used, you could probably put a .htaccess file in the root phpmyadmin directory that tests the hostname/url and returns an error (or redirect) if the wrong name is used.
    You would need to add a virtualhost entry for server.maindomain.com which matches that ServerName and points to the right certificate files. Most of the vhost entry can be copied from what ispconfig configures for the port 8080 vhost. I've posted config for this in the past, I'll post the link here if I come across it again.
     
  3. zkvvoob

    zkvvoob Member

    Hi Jesse,
    Thank you for taking the time to reply to my question, I'll try your first suggestion.
    However, regarding the SSL error, opening server.maindomain.com/phpmyadmin returns an error and when I check the console, it appears the certificate used is that for maindomain.com - the two are different, because Let's Encrypt doesn't yet issue wildcard certificates.
    So, is there a way to ensure that phpmyadmin loads the correct SSL cert, i.e. that for server.maindomain.com?

    EDIT: Actually, problem solved - adding ISPCOnfig's full URL, including the port, in the phpMyAdmin address in the Main Config did the trick. Thanks, Jesse. I'll figure out how to configure the .htaccess rules now.
     
    Last edited: Aug 22, 2016

Share This Page