how would i go about setting up 3 sites on 1 server using IspConfig3. I have 8 static ip's issued by my isp. (is this needed?) I have 3 domain names i want to host on my server which i purchased from go daddy. I dont want to host the dns on my server. (unless absolutely necessary). I want to leave them at go daddy and just change the A record to point to my static ip. (is this ok?) I have a router that forwards all calls to port 80,443 to my server. Here's what i did so far and where i'm stuck. set up the perfect server for fedora 12 with ispconfig3. i set up a client. (me) i set up 3 websites for me. to test if the websites work from inside the lan, i edited one of the lan computers hosts file accordingly. 192.168.8.2 name of domain1 192.168.8.2 name of domain2 192.168.8.2 name of domain3 When i only owned 1 domain, i just changed the A record on godaddys zone file to point to my static ip. Now that I have 3, do i change all 3 to the same static ip? would that cause any problems. this is where im stuck. Thanks Bernard
thanks for the quick reply till. Thats cool how ispconfig can figure out which folder to route each domain name sent to my 1 ip address. So heres what i did now. I have 3 domain names with go daddy. I setup 3 websites in my ispconfig (same name as domain name from go daddy...duh) For each A record on go daddy's zone file, i changed the ip to my static ip address. Now where im having problems is,ssl certificates. I purchased a manual for ispconfig 3 (paid the 5+ USD!!) and I noticed that you can only have 1 ssl per 1 ip address? I already set up an ssl for 1 domain (generated csr from ispconfig, gave csr to ssl host, ssl host returned cert and bundle and all is working accordingly). How can I go about setting up another ssl for another domain when i already used the servers ip address.
You can have as many websites (http) per IP as you want. But only one SSL website per ip. Thas a limitation of the SSL proticol and not ISPConfig.
Is there another way I should setup my server that way I can have another SSL certificate? Again, i have 8 static ips that im not using (if that would help???)
You can have one ssl website per IP address. So if you have 8 static IP addresses, then you can have up to 8 ssl websites. Just select a different IP address for every website that shall have ssl enabled.
im confused a little bit. I have 8 static ips from my isp. I used 1 of the static ips to setup my router. Theres an option in my router to add additional static ips (maximum of 5) so i added additional 5 ip's to the router. In my router theres an option to route certain port calls to an ip address inside the lan. So all calls to neccessary ports are routed to my servers internal lan IP address. In ispconfig, it asks for the servers ip address so i put the servers internal lan ip address. Theres an option in ispconfig to add additional ip addresses. So i added the servers lan ip address in there also. Now how do i manipulate the other 8 static ips that I have to my servers 1 lan ip address to issue more ssl's? Sorry im a programmer in need of some server help!!!
You need to add the same number of internal IP addresses in your server that you have on your router and the forward every external Ip to a dedicated internal IP address. In the website settings, select a dedicated internal IP for every website that shall have ssl enabled.
Dont get me wrong or anything, but in my router there is only port forwarding. For example, all calls to port 80 are routed to my servers internal static lan. Are there certain routers that can forward my ISP's static ips to an internal lan ip? I crashed my apache last time i tried to add another ssl certificiate to my other site.
Port forwarding is what you need. You must forward all needed ports one by one. You cannot forward an IP to another one.
K now im really confused. I already forwaded the port to the necessary lan ip. In ispconfig there is an option to add multiple ip address. I have 8 static ip address from my isp but in my lan, im running everything on the same server therefore there is only 1 lan ip for the server. Am i supposed to put the static ip's from my isp or just the lan ips in this option. Also i found a forum stating that you can have more than one ssl for a single lan ip address as long as u change the location of the ssl information in the vhosts file. I cannot seem to find ispconfigs vhost file. Im running a fedora 12 install. http://serverfault.com/questions/109800/multiple-ssl-domains-on-the-same-ip-address-and-same-port http://serverfault.com/questions/109766/ssl-site-not-using-the-correct-ip-in-apache-and-ubuntu
Is it possible to share SSL across all virtual sites? is there a problem with it? my client will need ssl because they want to use credit cards on their sites. Best Regards.
My guess, is the problem you're probably runing a simple SOHO router that can only handle 1 incoming IP. What's your router? If you have a "enterprise" router, you can filter all IP's to multiple internal NAT IP's (or 1 ISPconfig box that has all the IP's configured). If you don'thave an enterprise class router, you can check out smoothwall or something similar.
Im guessing my router isnt an enterprise router. What are some good enterprise routers? I have a basic belking router(that happens to come with a firewall) and am willing to change it with a good/recomemded router!!! Also for erosbk, Ive done some research and only found solutions for wildcard ssl or ssl certs that can be run on multiple servers for the a single domain with multiple subdomains. So I dont think thats possible.
I recommend grabbing an old 468 or better with 1 gig ram (even 512 works) and run smoothwall or similar. much faster than soho, and cheaper (free) than enterprise class (cisco). another idea is to pick up one of the open source netgear's and see if there are mods to handle multiple red ip's....but your smoothwall will still be faster and can handle all sorts of logging and tricks. smoothwall.org . again, there are others that are just as good if not better. Once you have all your ip's coming into the box, setting up ssl should be simple with the "normal" approach vs wildcard.
