Problem with SNI / VHost Config

Discussion in 'Installation/Configuration' started by schannall, Dec 21, 2015.

  1. schannall

    schannall New Member

    Hi there,
    we have a small server running ISPConfig 3.0.5.4p8 on Ubuntu 14.04.3 LTS using Apache 2.4.7. We have several sites configured and want to use SSL on each of them. I have configured SSL and it works for one vHost. The vHost has a configured IPv4 address (and not *), but somehow the generated vhost file points to * again. I have deleted the vhost config and had it regenerated. The output from apache2ctl -S:
    Code:
    root@server077:~# apache2ctl -S
    AH00548: NameVirtualHost has no effect and will be removed in the next release /etc/apache2/sites-enabled/000-ispconfig.conf:61
    AH00558: apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.1.1. Set the 'ServerName' directive globally to suppress this message
    VirtualHost configuration:
    10.126.200.77:80  is a NameVirtualHost
      default server bla.blabla.com (/etc/apache2/sites-enabled/100-bla.blabla.com.vhost:6)
      port 80 namevhost bla.blabla.com (/etc/apache2/sites-enabled/100-bla.blabla.com.vhost:6)
      port 80 namevhost blubb.blabla.com (/etc/apache2/sites-enabled/100-blubb.blabla.vhost:6)
     [..]
      alias intern.blabla.com
    *:8081  127.0.1.1 (/etc/apache2/sites-enabled/000-apps.vhost:9)
    *:8080  127.0.1.1 (/etc/apache2/sites-enabled/000-ispconfig.vhost:8)
    *:80  owncloud.blabla.com (/etc/apache2/sites-enabled/100-owncloud.blabla.com.vhost:6)
    *:443  owncloud.blabla.com (/etc/apache2/sites-enabled/100-owncloud.blabla.com.vhost:180)
    
    Other vHosts with SSL are not created, although they are configured in the WebGUI. Is this an error from ISPConfig or a Layer8 OSI Problem (aka me)?
    Thank you in advance,

    Jonas
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    SNI works for * and IP, so there is no need to select an IP if all sites use * on your server. Besides that, you cannot mix * and IP for websites that point to the same IP address in DNS on an Apache web server, as an IP is always a stronger match than a wildcard *, and all traffic for the sites that have * selected will then go to the site that has the IP assigned.

    In case that ISPConfig is not able to write changes to disk, then see here:

    https://www.howtoforge.com/community/threads/please-read-before-posting.58408/
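
An added illustration, not part of the thread and not ISPConfig code: a small Python parser for `apache2ctl -S` output that flags ports where `*`-bound and IP-bound vhosts are mixed, the situation described in the reply above. The sample input is constructed from the output in the first post, and the function names are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample, modelled on the `apache2ctl -S` output in the first post.
SAMPLE = """\
VirtualHost configuration:
10.126.200.77:80  is a NameVirtualHost
  default server bla.blabla.com (/etc/apache2/sites-enabled/100-bla.blabla.com.vhost:6)
  port 80 namevhost bla.blabla.com (/etc/apache2/sites-enabled/100-bla.blabla.com.vhost:6)
  port 80 namevhost blubb.blabla.com (/etc/apache2/sites-enabled/100-blubb.blabla.vhost:6)
*:8080  127.0.1.1 (/etc/apache2/sites-enabled/000-ispconfig.vhost:8)
*:80  owncloud.blabla.com (/etc/apache2/sites-enabled/100-owncloud.blabla.com.vhost:6)
*:443  owncloud.blabla.com (/etc/apache2/sites-enabled/100-owncloud.blabla.com.vhost:180)
"""

LISTENER = re.compile(r"^(\*|\[[0-9a-fA-F:]+\]|[\d.]+):(\d+)\s+(.*)$")
NAMEVHOST = re.compile(r"^\s+port (\d+) namevhost (\S+) \(")

def parse_vhosts(text):
    """Return {port: {address: [server names]}} from `apache2ctl -S` output."""
    table = defaultdict(lambda: defaultdict(list))
    current = None
    for line in text.splitlines():
        m = LISTENER.match(line)
        if m:
            addr, port, rest = m.group(1), int(m.group(2)), m.group(3)
            current = addr
            if not rest.startswith("is a NameVirtualHost"):
                table[port][addr].append(rest.split()[0])  # single-vhost line
            continue
        m = NAMEVHOST.match(line)
        if m and current is not None:
            table[int(m.group(1))][current].append(m.group(2))
    return table

def shadowed_wildcards(text):
    """Ports mixing '*' and IP-bound vhosts: {port: (ip_names, wildcard_names)}."""
    findings = {}
    for port, by_addr in parse_vhosts(text).items():
        # An exact address match wins; '*' vhosts are only the fallback.
        ip_names = sorted(n for a, names in by_addr.items() if a != "*" for n in names)
        if ip_names and "*" in by_addr:
            findings[port] = (ip_names, sorted(by_addr["*"]))
    return findings

if __name__ == "__main__":
    for port, (ips, wild) in sorted(shadowed_wildcards(SAMPLE).items()):
        print(f"port {port}: {wild} on '*' shadowed by IP-bound {ips}")
```

On the constructed sample only port 80 is reported; port 443 has a single `*` vhost and nothing IP-bound, so it is not flagged.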
     
  3. schannall

    schannall New Member

    Hi,
    thanks for the reply. Some older threads recommended setting the IP and not *. It does not work with * as the IP address (which I have confirmed right now). I had all my sites pointed to the IP, but the vhost from Owncloud would set * anyway. Now I have set all vHosts to * and the problem is still the same.

    ISPConfig can write to disk, if I delete the vhost config for Owncloud it will be recreated with the same settings.

    What I wonder about:
    Code:
    *:443  owncloud.blabla.com (/etc/apache2/sites-enabled/100-owncloud.blabla.com.vhost:180)
    *:80  is a NameVirtualHost
    [..]
    
    Why is port 80 a Name Virtual Host and port 443 not? It does not matter if I set an IP address for the server and set "NameVirtualHost" for that IP address.

    Thanks in advance,

    Jonas
     
  4. sjau

    sjau Local Meanie Moderator

  5. schannall

    schannall New Member

    I don't see how this will help - we are using a wildcard certificate and it works quite well on other servers. This here seems to me to be an Apache config error (and Apache is configured through ISPConfig, I guess because I did configure it wrong). Or am I missing something?

    Thanks in advance,
    Jonas
     
  6. sjau

    sjau Local Meanie Moderator

    Well, with LE integration to ISPC you can create its own cert for each vhost. It's too bad that LE doesn't support wildcard certs thus far. But if everything is automated there's usually not so much need.
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    It does not matter if you use a wildcard cert or not, just enable SSL for the websites and paste the SSL cert, key and intermediate SSL cert into the appropriate fields on the SSL tab. SSL works fine with * and also with IP when you have multiple SSL websites; I have run quite a few live servers that use both setups for years now.
     
  8. schannall

    schannall New Member

    That is exactly what I did but it does not work. I'm quite at a loss and will look into it again beginning next year. If someone has a suggestion for what to test, then I'll be happy for everything.

    Thanks,

    Jonas
     
