Hello, I have: · OVH dedicated server with Debian 6 + Proxmox 2. IP = 0.0.0.0 · OpenVZ VM with Debian 6 (kernel 2.6.32-16-pve), ISPConfig 3.0.4.2, Apache 2.2.16 and MyDNS 1.2.8.27. IP = 1.1.1.1 · Last version of CSF+LFD installed on both machines (with IP 2.2.2.2 allowed). ISPConfig 3 is working for several years with a RapidSSL Wildcard certificate installed manually like default-ssl. This certificate is associated to domain1.es and IP 1.1.1.1 Now, I want use a standard RapidSSL in domain2.es (whose DNS are configured in OVH Manager). I bought a OVH IPv4 FailOver (IP = 2.2.2.2). I added IP 2.2.2.2 to my interfaces and I restarted my network (following the Manual's chapter How Do I Manually Configure New IP Addresses On My System?): # vi /etc/network/interfaces ... auto venet0:1 iface venet0:1 inet static address 2.2.2.2 netmask 255.255.255.255 # ifconfig ... venet0:1 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:2.2.2.2 P-t-P:2.2.2.2 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST POINTOPOINT RUNNING NOARP MTU:1500 Metric:1 I added 2.2.2.2 to ISPConfig 3 (System -> Server IP Addresses): Type: IPv4 IP Address: 2.2.2.2 HTTP NameVirtualHost: yes HTTP Ports: 80,443 I created the DNS zone of domain2.es and change 1.1.1.1 records to 2.2.2.2 I created the website of domain2.es: IPv4: 2.2.2.2 Auto-Subdomain: None or www (I tested both) SSL: Yes I filled the SSL fields (with a-z characters), selected "Create certificate" and saved. And I restarted Apache & MyDNS. At this moment: · http://domain2.es displays http://domain1.es (like a domain alias). · http[B]s[/B]://domain2.es says Forbidden. You don't have permission to access / on this server. # tail -f /var/log/apache2/error.log [...] [error] [...] client denied by server configuration: /var/www/domain2.es/web/ No error in: /var/log/apache2/ssl_error.log /var/log/ispconfig/httpd/domain2.es/error.log Any idea? Thanks! Manuel
Here is the problem: Following Till (Your server is a vserver, so you can not configure the network from within the virtual machine. The network is configured on the host server.), I added IPv4 2.2.2.2 on host server: Login Proxmox -> Datacenter -> My Dedicated Server (0.0.0.0) -> My OpenVZ VM (1.1.1.1) -> Network -> Add -> IP address (venet) -> IP address: 2.2.2.2 -> Add Now, http and https are OK (SSL self-signed, at the moment).
After consume all reissues of first RapidSSL certificate, I managed to run a second RapidSSL certificate following these steps: Run self-signed SSL certificate (view supra). Generate RapidSSL CRT using our CSR and selecting Apache 2 option. Check match CRT&CSR and CRT&Key (for example, in http://sslchecker.com/matcher). You may have to wait a while (in my case, the first time CRT&CSR was OK but CRT&Key was KO) (after a while, both were well). In ISPConfig 3 Administration Panel, go to SSL tab, delete the self-signed CRT and paste the RapidSSL CRT in SSL Certificate field, select Save Certificate in SSL Action dropdown and click Save buttom. I think the keys are: Select Apache 2 option in step 2. Wait for all match in step 3 before do step 4. Regards, Manuel
