Ssl

Discussion in 'General' started by alexillsley, Apr 9, 2007.

  1. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    ----- expired ----
     
    Last edited: Nov 15, 2010
  2. Hawker

    Hawker New Member

    You basically share the host's certificate.

    Google SHSS and/or shared SSL.
     
  3. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    ----- expired ----
     
    Last edited: Nov 15, 2010
  4. falko

    falko Super Moderator ISPConfig Developer

  5. Hawker

    Hawker New Member

    Last edited: Apr 10, 2007
  6. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    ----- expired ----
     
    Last edited: Nov 15, 2010
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    You can not have individual SSL for every site with one IP, thats a limit of the SSL protocol! The only things you can do is e.g. create one SSL enabled host and use the apache mod_proxy module to access the pages in the form:

    www.yourssldomain.com/otherwewebsite/

    or you use the wildcard solution that falko suggested.
     
  8. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    ----- expired ----
     
    Last edited: Nov 15, 2010
  9. falko

    falko Super Moderator ISPConfig Developer

    It's possible if you don't care about certificate errors, but otherwise it's impossible.
     
  10. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    I dont care about certficate errors, how would i do it with cerficate errors?
     
  11. Hawker

    Hawker New Member

    Forgive me for asking but...

    Why would you want to supply invalid SSL services? That kind of defeats the purpose of SSL. Nobody in their right mind would install the CA Root if certificate errors are present.

    In any case, try enabling SSL for your sites and put the same certificate, etc on all sites. That might work.
     
  12. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    SSL encrypts the data between you and thge server with or without a vaild certificate

    What would i do to ispconfig or what would i add to the virtual hosts to enable this ?
     
  13. till

    till Super Moderator Staff Member ISPConfig Developer

    But your customers and their customers care and nobody will use sites with invalid certificates. If you have customers that run e.g. a online shop, nobody will give them their credit card data when the SSL cert is invalid.
     
  14. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    It doesnt matter, i just need to get SSL to work.

    Lots of companys do it, all sites on [link_expired] have invalid certificates
     
    Last edited: May 16, 2007
  15. Hawker

    Hawker New Member

    SSL is only supported on paid hosting at awardspace.

    Shared SSL for them IS sitename.awardspace.com. Do some investigation, that is how it is.

    That is why all sites there have invalid certificates on non-SSL supported sites. And the error is there to alert people NOT to give sensitive information to that site.

    I really doubt that you will receive any help on setting up invalid SSL. This is something you need to do on your own. And I'm sorry if that's too strong of a way to word it, but that's the way I see it.
     
  16. alexillsley

    alexillsley ISPConfig Developer ISPConfig Developer

    All awardspace sites have invalid certficates! [link_expired]

    I just need to get SSL working,
    Please help,
    Alex
     
    Last edited: May 16, 2007
  17. ctroyp

    ctroyp New Member HowtoForge Supporter

    See http://www.onlamp.com/pub/a/apache/2005/02/17/apacheckbk.html .

    This should work, but as you already know, users will still get browser warnings. As the article states, SSL is two part--encryption and authentication. From what I understand, you will get the encryption part, but not the authentication. Your users may or may not trust the connection (as Till mentioned).
     
  18. koltz

    koltz Member

    Doesn't the new version of Apache now support multiple SSL cert's on the same IP? I would imagine it would have to be built in to ISPConfig to make it work. Also browsers have to be updated to support this also from what I read.

    Corey
     
  19. falko

    falko Super Moderator ISPConfig Developer

    No. This doesn't have anything to do with Apache or ISPConfig. The restriction "one cert per IP" is set by the way how the HTTPS protocol works. There's nothing you can do about it.
     

Share This Page