Hello, I run: Ubuntu 12.04, Ispconfig 3, Amazon EC2 in VPC. I've successfully 1) Added several internal IP addresses to the Network Interface (per manual 5.18): Code: # ifconfig eth0 Link encap:Ethernet HWaddr 0a:c3:f2:f5:c8:2d inet addr:10.0.0.15 Bcast:10.0.0.255 Mask:255.255.255.0 inet6 addr: fe80::8c3:f2ff:fef5:c82d/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:117236 errors:0 dropped:0 overruns:0 frame:0 TX packets:44138 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:156602804 (156.6 MB) TX bytes:5148130 (5.1 MB) Interrupt:27 eth0:1 Link encap:Ethernet HWaddr 0a:c3:f2:f5:c8:2d inet addr:10.0.0.110 Bcast:10.0.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:27 eth0:2 Link encap:Ethernet HWaddr 0a:c3:f2:f5:c8:2d inet addr:10.0.0.167 Bcast:10.0.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 Interrupt:27 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:1138 errors:0 dropped:0 overruns:0 frame:0 TX packets:1138 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:89528 (89.5 KB) TX bytes:89528 (89.5 KB) 2) Manually updated Ispconfig with the internal ip addresses (per manual 4.9.2.3) 3) Created an SSL site (per manual 5.4) pointing to internal ip address 10.0.0.110 4) Implemented a public ip address that points to the eth0 internal ip address 10.0.0.15 Upon visiting port 80 of the new site I receive the standard Apache HTML= "It works!" Indicating the site is not routed to its domain folder. Upon visiting port 443 of the site I receive an ssl error = "SSL connection error. Unable to make a secure connection to the server". An additional site set up utilizing the second ip address 10.0.0.167 and not using ssl also displays the apache index.html. Any Ideas about what may be the issue here? Thank you.
Ok. I figured this out. Ill post some info here because I notice this thread is already ranking high for searches including: Multiple SSL certificates Ispconfig Amazon EC2 running in VPC. The Ispconfig manual does a very good job outlining the steps to set up additional internal ip adresses - which are required for running more than one SSL certificate on a single server (EC2 instance in this case). If you require multiple internal ip address on an Amazon ec2 instance this article is a very good starting point: http://about.silkapp.com/page/Multiple IP addresses on Amazon EC2 My above post was nearly correct - but I was trying to use only one external IP address mapped to several unique internal IP addresses. I'm not sure if this is possible. My work around included assigning additional External IP addresses to each internal IP address that requires an SSL certificate. In this case I attached an additional external IP address to the internal IP address 10.0.0.110. It is important to note that you use internal ip addresses to initiate the website and ssl certificate in Ispconfig and an External IP address for DNS purposes.
I am working on putting 2 extra IPv4 up for use with 2 websites that need SSL I have configured these 2 in network interfaces like this: Code: | # The primary network interface #allow-hotplug eth0 #iface eth0 inet dhcp auto eth0 iface eth0 inet static address xx.xxx.244.62 netmask 255.255.255.0 network xx.xxx.244.0 broadcast xx.xxx.244.255 gateway xx.xxx.244.254 auto eth0:0 iface eth0:0 inet static address xx.xxx.242.174 netmask 255.255.255.255 network xx.xxx.242.0 broadcast xx.xxx.242.255 gateway xx.xxx.242.254 auto eth0:1 iface eth0:1 inet static address xx.xxx.242.175 netmask 255.255.255.255 network xx.xxx.242.0 broadcast xx.xxx.242.255 gateway xx.xxx.242.254 And added them in the server settings if I restart the netwerk interface Code: server1:~# /etc/init.d/networking restart Reconfiguring network interfaces...if-up.d/mountnfs[eth0]: waiting for interface eth0:0 before doing NFS mounts (warning). if-up.d/mountnfs[eth0]: waiting for interface eth0:1 before doing NFS mounts (warning). SIOCADDRT: No such process Failed to bring up eth0:0. SIOCADDRT: No such process Failed to bring up eth0:1. done. server1:~# As you can see the 2 ip's don't work, could it be that I must use also 2 internal ip for eth0:1 and eth0:0 and point the 2 external to those 2 internal? But there is not mention about this in the manual so I don't know how to do it. Also the data ceter has mentioned to use the loopback interface instead but as mentioned in the manual were not supposed to use this lines?? TIA
