1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice

Plesk 7.5.1 Shared SSL HOWTO

Discussion in 'Plesk for Linux - 8.x and Older' started by raygp, Jan 25, 2005.

  1. raygp

    raygp Guest

    0
     
    Plesk 7.5.1 Shared SSL Howto.

    There has been alot of talk about shared SSL on these forums so I decided to create a little howto (actually, I created an installation program that automates everything)

    Follow the procedure below to setup shared SSL on your Plesk 7.5.1 Server. (Also, see the notes and limitations below)

    Step 1:
    SSH Into Your Server as root

    Step 2:
    Type the following (excluding the # sign)
    # wget http://hosting.vsourse.com/downloads/shared_ssl_installer

    Step 3:
    Type the following (excluding the # sign)
    # perl shared_ssl_installer

    Step 4: Follow the instructions and you are setup.

    That's IT.




    Questions?: Post Here (No promises to get back to you)

    NOTES and Limitations:
    This Shared SSL Takes Up a Domain Account on Your Server which cannot be used as a regular hosting account.

    This Type of Shared SSL is Secure as far as users being able to open files on other users' directories. It will not let that happen. It actually emulates going to https://domain/

    This Type of Shared SSL currently supports GET and POST Form Methods. It does NOT support Advanced Features Like Cookies and Password Protected Directories. (Yet)

    This sets up shared ssl so that to get to https://domain/ you type https://secure_domain/domain/

    This script is freely available, but I assume no responsibility if things go wrong or if someone modifies it and it messes things up. ( This is why it is best to get the script from http://hosting.vsourse.com/downloads/shared_ssl_installer )

    This script does NOT Mess with Plesk in any way. Therefore it Will Not Break Plesk

    Removing the Program is easy, simply remove the domain that is created in your control panel.

    It has only been tested with Plesk 7.5.1 on RHEL3 and Fedora Core 2. (It should probably work with other linux's)
     
  2. philburress

    philburress Guest

    0
     
    Very useful tutorial. Thanks for posting.
     
  3. Jason Lee

    Jason Lee Guest

    0
     
    I'm gettings the error....

    On my RedHat 9 server with plesk 7.5.1
     
  4. raygp

    raygp Guest

    0
     
    Perl Module needed

    For Those of you that are getting the error Messages

    Failed: 500 Can't locate object method "new" via package "LWP::protocol::https::Socket"

    or

    Failed: 501 https protocol not supported.

    You Must install the Perl Package Crypt::SSLeay for this program to work.

    Just follow the instructions below:

    Step 1:
    SSH Into Your Server as Root

    Step 2
    Type the following Commands (excluding the # signs)
    # wget http://search.cpan.org/CPAN/authors/id/C/CH/CHAMAS/Crypt-SSLeay-0.51.tar.gz

    # tar -zxvf Crypt-SSLeay-0.51.tar.gz

    # cd Crypt-SSLeay-0.51

    # perl Makefile.PL

    # make

    # make test

    # make install

    It should be working after that.
    My Servers already have that module installed when I get them, so for my servers, I don't have to do this.

    Hope this helps.
     
  5. Jason Lee

    Jason Lee Guest

    0
     
    Thanks, I installed Perl Package Crypt::SSLeay and now it works.
     
  6. phobis

    phobis Guest

    0
     
    Hi.

    I have the script installed... It works for every domain except for ONE...

    I am getting the error:
    Failed: 404 Not Found

    but the URI is being typed correctly.

    any suggestions?
     
  7. raygp

    raygp Guest

    0
     
    New Version

    I have posted a new version of the Shared SSL Installer.

    You can get it by downloading it using the same link.
    http://hosting.vsourse.com/downloads/shared_ssl_installer

    If you already have the old version installed, remove the secured domain in plesk then run this installer just like the last time.

    If you do not have it installed, simply install it as indicated earlier in this posting.

    (Improvements)
    It now supports common internet mime types like pdfs, word documents, excel spreadsheets and various image types. Before, it you tried to download a word document through SSL, you would just get garbage.

    A bug was discovered in the script. This bug would store information from the last session and (in certain situations) it would release that info again. This can (in rare cases) turn out to be a security risk. The bug has been fixed.
     
  8. phobis

    phobis Guest

    0
     
    It seems to work now :)

    THANKS!!!!

    I am having another issue...

    I have a site with xcart and at the end of the "cart" (during checkout)

    I get a "Failed: 302 Found"

    I think there may be to many redirects...

    I'm not sure though... I have been trying to modify the config for Apache with no success.

    Any suggestions?
     
  9. raygp

    raygp Guest

    0
     
    Sorry

    Sorry. The Script cannot (yet) handle redirects.

    What's happening is that the apache server is sending a redirect code (302) which in normal cases tells the browser to go elsewhere. The Shared SSL script does not recognize the code and therefore outputs the error.

    I am not familiar with x cart but it sounds to me like it has something to do with the x cart software. Maybe there is a way that you could change this redirect into an apache rewrite rule.
    (I am just giving suggestions).


    There are several other features that this script cannot handle but, whenever I have some spare time, I try to work on solutions. Some of the features not handled are cookies, password protected directories, special apache codes such as the formentioned 302 redirect.

    Good news is that the new version now handles several common mime types and can therefore output word documents, excel spreadsheets, pdf documents, and more.
     
  10. phobis

    phobis Guest

    0
     
    THANK you very much... The new features are AWESOME!!!
     
  11. thedust2010

    thedust2010 Guest

    0
     
    I've installed this script and it is working only for domains with its physical hosting under a Shared IP. There is one domain that keeps giving me this error:

    Failed: 500 Connect failed: connect: Connection refused; Connection refused

    I tried to switch that over to a Shared IP, restarted Apache and I still got the same error. What could be the cause of this?
     
  12. mdnitehk

    mdnitehk Guest

    0
     
    Hello,

    When I run this script, the first thing it asks is: Do you agree.. your own risk...? And I can't seem to answer it correctly.

    I've tried Yes, yes, YES, y, Y, and <Enter> - but nothing works, it just keeps exiting the installer..

    Any ideas?

    Thank you,
    Jeff Homan
     
  13. mian

    mian Guest

    0
     
    Here is another method using mod_rewrite to access https://secure.yourdomain.com/theirdomain.com/

    First add secure.yourdomain.com to Plesk (as a domain, not a subdomain).

    in /home/httpd/vhosts/secure.yourdomain.com/conf place these

    vhost.conf:

    Code:
    RewriteEngine on
    
    RewriteCond     %{HTTPS}        off
    RewriteRule     (.*)            https://%{HTTP_HOST}%{REQUEST_URI} [R]
    
    (redirects all non-HTTPS requests to HTTPS)

    vhost_ssl.conf:
    Code:
    SSLProxyEngine  on
    SSLProxyVerify  none
    
    RewriteEngine   on
    RewriteMap      lowercase int:tolower
    
    RewriteCond     /home/httpd/vhosts/${lowercase:$1}      -d
    RewriteRule     ^/([^.]+\.[^\/]+)(.*)                   https://${lowercase:$1}$2 [P]
    
    (enables Apache SSL proxy engine, tests /home/httpd/vhosts/theirdomain.com exists and proxies the request through to https://theirdomain.com/ internally.

    then execute
    Code:
    /usr/local/psa/admin/sbin/websrvmng --vhost-name=secure.yourdomain.com
    
     
  14. thedust2010

    thedust2010 Guest

    0
     
    Big question about the Shared SSL and files outside the web root

    I've installed this Shared SSL and it's working fine, so long as the website I'm securing doesn't have files outside the webroot. Then I get an open_basedir restriction. Here's the information:

    ---

    domainA.us is the domain my SSL is installed on and domainB.com is the domain that needs to be secured.

    https://www.domainB.com works fine, BUT if domainB references files outside its web root, I get errors.

    http://www.domainB.com has its open_basedir set to:
    /home/httpd/vhosts/domainB.com (which is correct)

    BUT https://domainA.us/domainB.com has its open_basedir set to:
    /home/httpd/vhosts/domainB.com/httpdocs (NOT correct)

    I have gone into the vhost.conf AND vhost_ssl.conf files for domainA.us and inserted the following but it hadn't had an effect:
    <Directory "/home/httpd/vhosts/domainA.us">
    php_admin_value open_basedir /home/httpd/vhosts/domainB.com:/tmp
    </Directory>

    <Directory "/home/httpd/vhosts/domainB.com">
    php_admin_value open_basedir /home/httpd/vhosts/domainB.com:/tmp
    </Directory>

    ---

    It seems that no matter what I do, I can't get the secure domain to set PHP's open_basedir value correctly. Any idea what I might be doing wrong? Do different rules apply when using this SSL?
     
  15. raygp

    raygp Guest

    0
     
    New URL to get the Shared SSL Installer

    I realized that we haven't had the shared SSL Installer available for a while. This is because we are now at http://www.vsoursehosting.com

    Step 1:
    SSH Into Your Server as root

    Step 2:
    Type the following (excluding the # sign)
    # wget http://www.vsoursehosting.com/downloads/shared_ssl_installer

    Step 3:
    Type the following (excluding the # sign)
    # perl shared_ssl_installer

    Step 4: Follow the instructions and you are setup.

    That's IT.


    If there are any questions, please email to rperea@vsoursehosting.com I will be happy to help you.
     
  16. rviradia

    rviradia Guest

    0
     
    Anything like this for 8.1.1

    Thanks
     
  17. adian009

    adian009 Guest

    0
     
    I used this script on a version 8.2 Linux install with a few minor issues:

    1. The script referenced a previous Web Home directory instead of /var/www/vhosts/ which I corrected manually, and
    2. The script makes a call to Plesk to create the Domain and the call is not complete - I had to create the domain manually, then run the script, and
    3. The sharedssl.pl script that the script relies on also references the previous Web Home which I changed manually.

    All in all the solution runs beautifully for us!

    Regards,

    Al Ponte
    Sarandipity Sentiments
     
Loading...