Multiserver setup webserver ssl certs

Discussion in 'General' started by spacepills, Mar 10, 2017.

  1. spacepills

    spacepills Member

    Hi,
    I have a multiserver set up (3 servers, web, mail & dns, web and mail servers are on multiserver, dns is separate as was set up a few years ago) the mailserver has apache setup for running webmail.

    I have some automated dns record setups, so automatically points mail.domain at the mail servers ip and adds spf records etc (need to add the dns server to the multiserver setup as would be really useful to have automatic dkim!!)
    So when I create a new domain with dns, web, and mail the client can go to mail.domain.com to access their webmail, however their webmail isn't on https, which is not ideal as they are using that to login, change passwords, obviously send emails etc.
    So I installed certbot to set up Let's Encrypt SSLs and I set one up for my domain (which applied to the 000-default vhost), which went fine, but when I tried it for another domain I got this error:
    "No vhost exists with servername or alias of: mail.website.co.uk (or it's in a file with multiple vhosts, which Certbot can't parse yet). No vhost was selected. Please specify ServerName or ServerAlias in the Apache config, or split vhosts into separate files", which makes sense.

    So I know a solution could be to create a vhost for that servername manually (all vhosts would point to the same directory; currently it's a wildcard vhost so clients can go to mail.theirdomain rather than mail.mydomain purely for aesthetics, which is what this is all about) and then run the generate command. So is there a way I can create a vhost on the mailserver during the mail domain setup from ISPConfig? Perhaps there's a way to run a custom script where I could ssh into the webserver, then run a bash script into which I could pass the domain that's being set up.

    If auto-running a custom script during the mail domain setup isn't possible, is it still possible to somehow set up a vhost on the mailserver with mail.domain, and then later I can ssh in and add the cert?

    Cheers, and sorry for the long-winded post!
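
One way to do the manual step described in the post above, as an added example that is not part of the original thread: a shell helper that validates the domain handed over from the panel and prints a single-file vhost for mail.<domain>, which is what the certbot error asks for. The webmail path, the file names and the Debian-style commands in the comments are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): per-domain vhost for mail.<domain>.
# The domain arrives as an argument from another host, so it is validated
# before it is written into an Apache config or passed to any command.
LC_ALL=C
WEBMAIL_ROOT="${WEBMAIL_ROOT:-/var/www/webmail}"   # assumed webmail directory

# Accept only a lowercase DNS name: labels of [a-z0-9-], no leading or
# trailing hyphen, at least two labels, at most 253 characters overall.
valid_domain() {
    local d="$1" label
    [ -n "$d" ] && [ "${#d}" -le 253 ] || return 1
    # Any other byte (space, ';', newline, uppercase) is rejected here.
    case "$d" in *[!a-z0-9.-]*|.*|*.|*..*) return 1 ;; esac
    case "$d" in *.*) ;; *) return 1 ;; esac
    local IFS=.
    for label in $d; do
        [ "${#label}" -le 63 ] || return 1
        case "$label" in -*|*-) return 1 ;; esac
    done
    return 0
}

# Print a port-80 vhost with an explicit ServerName, one vhost per file,
# so that certbot's Apache plugin can match the requested name.
render_vhost() {
    valid_domain "$1" || { echo "rejected: not a plain domain name" >&2; return 1; }
    cat <<EOF
<VirtualHost *:80>
    ServerName mail.$1
    DocumentRoot $WEBMAIL_ROOT
</VirtualHost>
EOF
}

# Usage on the mail server (paths assume a Debian-style Apache layout):
#   render_vhost website.co.uk > /etc/apache2/sites-available/mail.website.co.uk.conf
#   a2ensite mail.website.co.uk && systemctl reload apache2
#   certbot --apache -d mail.website.co.uk
```

If the script is triggered over SSH from another server, restricting that key to this one command keeps the validated domain as the only input the remote side controls.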
     
  2. Jesse Norell

    Jesse Norell Well-Known Member Staff Member Howtoforge Staff

    No, a vhost is created in the web server, not the mail server. Or do you mean you also run Apache on your mail server to serve webmail? Maybe you want two names, e.g. mail.domain.tld for smtp/pop3/imap, and webmail.domain.tld for https to a webmail?
     
