Apache SSL with Ispconfig and non-Ispconfig SSL

Discussion in 'Server Operation' started by tfboy, Jan 17, 2016.

  1. tfboy

    tfboy Member

    The title probably isn't clear, but I've come across a problem which I think I understand, but not sure if / how to resolve it.
    I have my own "server" domain, let's call it myserver.com. My ISPconfig runs in SSL on 8080, that's fine, it's working OK, so https://myserver.com:8080 loads up the Ispconfig page in SSL with my proper certificate.
    The issue is that I have webmail (roundcube) running on normal 443 port. The roundcube instance isn't configured as part of the Ispconfig sites, it's part of the generic apache server installation.
    I would now like to have some websites managed by Ispconfig also running on SSL. I have certificates for these, but I guess currently, it cannot work as a website's IP/port is essentially the same as the server's, so if I go to https://mywebsite.com, it comes up with an invalid certificate because it's for myserver.com - it's picked up the server's SSL certificate and not that of the website's, with the key and cert copied/pasted into the text fields in the website's configuration page in ISPconfig.

    I know there's a big historical debate about not being able to have multiple different certificates running on the same IP, but I understand this is no longer a problem with the recent support of SNI (Server Name Indication). I trust this isn't an issue for ISPconfig as it's more apache related.

    So what are the suggestions? I guess I can remove my server-based SSL services like webmail so there's no longer a clash, but it's very useful to have...
  2. tfboy

    tfboy Member

    Hmm I take it back, it seems to be working now. Maybe it needed a little time to sort itself out. :)

Share This Page