ssl for each virtual hosting

Discussion in 'Installation/Configuration' started by gilas, Apr 4, 2008.

  1. gilas

    gilas Member

    Hi
    This problem occurs with ISPConfig 2.2.18 / I don't know if this is solved with the next version.

    I installed ISPConfig correctly and activated some sites with HTTPS to access the control panel.

    I picked one of them, checked the SSL option, then saved. A new tab appears in the menu (label: SSL); I click on it and then I can create a certificate for that site. Everything runs correctly.

    When I attempt to do the same for another site, ISPConfig tells me that 'the certificate is already loaded' and no new SSL tab is available.

    Looking inside:
    /etc/apache2/Vhosts_ispconfig.conf

    the first site with SSL running has some lines like (web1 is the site, hostname omitted for privacy...):

    <IfModule mod_ssl.c>
    <VirtualHost xxx.xxx.1.105:443>
    [...]

    and then (below) some lines added by ISPConfig about the certificate:

    SSLEngine on
    SSLCertificateFile /var/www/web1/ssl/test.com.crt
    SSLCertificateKeyFile /var/www/web1/ssl/test.com.it.key
    Alias /error/ "/var/www/web1/web/error/"
    ErrorDocument 400 /error/invalidSyntax.html
    ErrorDocument 401 /error/authorizationRequired.html
    ErrorDocument 403 /error/forbidden.html
    ErrorDocument 404 /error/fileNotFound.html
    ErrorDocument 405 /error/methodNotAllowed.html
    ErrorDocument 500 /error/internalServerError.html
    ErrorDocument 503 /error/overloaded.html
    AliasMatch ^/~([^/]+)(/(.*))? /var/www/web1/user/$1/web/$3
    AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web1/user/$1/web/$3
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 fo

    [... truncated ...]


    for the Vhost named web1.

    Obviously (I suppose) the cert created by ISPConfig is saved within the folder:

    /var/www/web1/ssl/

    So my problem is that I can assign an SSL connection to only one site (if I delete the option for web1 I can reassign SSL to another site...).

    Maybe I must reconfigure following the instructions published at:
    http://www.howtoforge.com/enable-multiple-https-sites-on-one-ip-using-tls-extensions-on-debian-etch

    or is there something else to do?!?

    Thank you very much
     
  2. Ben

    Ben Active Member Moderator

    You may bind certs only to one IP+port combination; that means each site must have its own combination.
    Either you have a dedicated IP per SSL web or they differ in their port.
    The last solution is afaik not possible with ISPConfig and not very handy for the user.

    So to get it to work you need more IPs on your server.

    What I did was to set up one web with SSL and create a reverse proxy in Apache to access some customer apps via this construct.

    In the end it depends on your needs.
     
