Can't access ISPConfig Admin

Discussion in 'General' started by MikroTik, Nov 22, 2017.

  1. MikroTik

    MikroTik New Member

    Hello,
    I am new to this forum, but it helped me a lot with my own server configuration.
    But I haven't found a solution to my problem:

    I bought an SSL Cert (AlpiroSSL) for my domain, successfully installed it and it is working on my domain e.g. domain.com.
    But now I am not able to access my ISPConfig Admin on 1.2.3.4:8080. I have to change ispconfig.vhost from <VirtualHost *:8080> to <VirtualHost *:443> - then I can access ISP Admin (1.2.3.4:443) , however, my website "goes down" with "NET::ERR_CERT_AUTHORITY_INVALID"
    I am not sure how to config apache to access both sites, the best option will be like:
    admin.domain.com = ISPConfig Admin (or something similar, I think additional Len's Crypt SLL will be necessary...)
    domain.com = my website

    //Also I am using HSTS - maybe this is the issue?

    I understand that with port change (8080→443) I am "stealing" HTTPS traffic from my main website (domain.com) and therefore is not accessible. I hope there is a proper solution to this.

    Could you help me, please? :)
     
    MikroTik, Nov 22, 2017
    #1
  2. florian030

    florian030 Well-Known Member HowtoForge Supporter

    Did you add the cert to the ispconfig-vhost? You can store the cert and key into the files in /usr/local/ispconfig/interface/ssl
     
    florian030, Nov 22, 2017
    #2
    MikroTik likes this.
  3. MikroTik

    MikroTik New Member

    Hi, now I did. Rebooted apache2. But with no result.
    Which port should I use to access ISPConfig Admin now? Should I change IP/port settings in isp-config.vhost?

    On 1.2.3.4:8080 I receive ERR_CONNECTION_REFUSED
    w/o https I got ERR_CONNECTION_TIMED_OUT, which is understandable

    Thank you :)

    //I did it like:

    [...]
    # SSL Configuration
    SSLEngine On
    SSLCertificateFile /usr/local/ispconfig/interface/ssl/myPurchasedCert.crt
    SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/myGenerated.key
    ## must be re-added after an ISPConfig update!!!
    SSLCertificateChainFile /usr/local/ispconfig/interface/ssl/myPurchasedIntermediate.crt
    [...]
     
    Last edited: Nov 22, 2017
    MikroTik, Nov 22, 2017
    #3
  4. MikroTik

    MikroTik New Member

    Anybody knows, please? :(
     
    MikroTik, Nov 27, 2017
    #4
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    You have to set a servername in the ispconfig vhost when you want to use it beside your website on the same port.
     
    till, Dec 1, 2017
    #5
  6. MikroTik

    MikroTik New Member

    Thank you very much!
    I can reach ISPConfig administration NOW!

    I have to set port to 1.2.3.4:80 and ServerName + ServerAlias
    (and I can access ISPConfig on "domain.com:80" - fully covered under SSL)

    Thank you very much! :)
     
    MikroTik, Dec 5, 2017
    #6
  7. MikroTik

    MikroTik New Member

    -- SOLVED --
    Changed ispconfig.vhost -- now i can access my ISPConfig admin via domain.com:8080 (even on https)
    Code:
    Listen 8080
NameVirtualHost *:8080

<VirtualHost *:8080>
     
    Last edited: Dec 11, 2017
    MikroTik, Dec 8, 2017
    #7

Share This Page