I would like to setup SNI, but I haven't been able to find any information about how ISPConfig actually handles it. I have enabled SNI in my server settings. My vhost files in sites-available each have a <IfModule mod_ssl.c> section, but there are no directives inside them. Is there a guide available explaining how this is done through ISPConfig? Do I need to manually edit the vhost files (which I think would cause a problem for ISPConfig)? Or do I add the directives through the Sites->Domain->Options->Apache Directives textbox? What do I need to do next? Cheers, Nap
There is no configuration required at all, thats why you dont find any information on it. Just add more then one website with ssl on an IP or * and SNI is sued automatiaclly.
ic. But it didn't happen that way I've editted the vhost files for a couple domains on my test server by adding: 1) port *:443 to VirtualHost's port list : Code: <VirtualHost *:80 *:443> 2) the necessary info into the mod_ssl section Code: SSLEngine On SSLCertificateFile /etc/ssl/certs/domain.cert SSLCertificateKeyFile /etc/ssl/private/domain.key And I created a certificate for each of these domains using the openssl command. It seems to be working. I have no idea why ISPConfig didn't handle this for me. SNI was enabled when I installed, and all my sites have SSL enabled. Cheers, Nap
Your manual changes are not required as the ssl vhost is a separate vhot part in the same file. If its not there, then ssl is not enabed for that site in ispconfig. Check the site settings to ensure that the ssl checkbox for this site is enabled. Then go to the ssl tab of the website, ensure that the ssl cert and key field are filled in and that you have selected "save certificate" as action and clicked on save afterwards.
Yes, I did that and it worked. Thanks I'm going to have a read about creating a CA certificate etc. Cheers, Nap
