• Please be aware: Kaspersky Anti-Virus has been deprecated
    With the upgrade to Plesk Obsidian 18.0.64, "Kaspersky Anti-Virus for Servers" will be automatically removed from the servers it is installed on. We recommend that you migrate to Sophos Anti-Virus for Servers.
  • The Horde webmail has been deprecated. Its complete removal is scheduled for April 2025. For details and recommended actions, see the Feature and Deprecation Plan.
  • We’re working on enhancing the Monitoring feature in Plesk, and we could really use your expertise! If you’re open to sharing your experiences with server and website monitoring or providing feedback, we’d love to have a one-hour online meeting with you.

urgent! Need help with SSL virtualhost (already got regular working)

KingSky

KingSky

New Pleskian
Method for sharing 1 SSL certificates among clients [possible MOD]

Hi,

Sorry to mark this as urgent, but it really is. I have a client who is going to need to have their shopping cart up by next week.

I have implemented the following in my httpd.conf file:

Code: 
<VirtualHost my.ip.add.ress>
ServerName default
UseCanonicalName Off
DocumentRoot /home/httpd/vhosts/default/htdocs
ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
<Directory "/home/httpd/vhosts"> 
DirectoryIndex index.php index.html index.htm default.html default.htm
<IfModule mod_php4.c>
php_admin_flag engine on
</IfModule>
</Directory>
<IfModule mod_userdir.c>
UserDir enable *
UserDir httpdocs
</IfModule>
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>
<Directory "/home/httpd/vhosts/default/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

so that I can access my domains like so:
http://myipaddress/~ftpusername

This works great... but I need to do it for SSL too so that these requests are redirected to the httpsdocs folder.

I read a bunch of forums/webpages and tried messing with this section:

Code: 
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>

But I'm really not sure what to change to do what I want, everything I tried prevented apache from restarting.

Please help!

Thanks SOO much!

-Kevin
 
Well, Murphy's Law I guess, I worked on this for a couple days before posting, then found the solution less than an hour afterword.

Here is what I have added to my httpd.conf right before the
Include /etc/httpd/conf/httpd.include
line:

Code: 
<VirtualHost my.ip.address:80>
	ServerName default
	UseCanonicalName Off
	DocumentRoot /home/httpd/vhosts/default/htdocs
	ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
	<Directory "/home/httpd/vhosts"> 
		DirectoryIndex index.php index.html index.htm default.html default.htm
	<IfModule mod_php4.c>
		php_admin_flag engine on
	</IfModule>
	</Directory>
	<IfModule mod_userdir.c>
		UserDir enable *
		UserDir httpdocs
	</IfModule>
	<IfModule mod_ssl.c>
		SSLEngine off
	</IfModule>
	<Directory "/home/httpd/vhosts/default/cgi-bin/">
		AllowOverride None
		Options None
		Order allow,deny
		Allow from all
	</Directory>
</VirtualHost>

<IfModule mod_ssl.c>

<VirtualHost my.ip.address:443 >
	ServerName default
	UseCanonicalName Off
	DocumentRoot /home/httpd/vhosts/default/httpsdocs
	ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
	SSLEngine on
	SSLVerifyClient none
	SSLCertificateFile /usr/local/psa/var/certificates/certXoCPncb
	<IfModule mod_userdir.c>
		UserDir enable *
		UserDir httpsdocs
	</IfModule>
	<Directory "/home/httpd/vhosts/default/cgi-bin/">
		AllowOverride None
		Options None
		Order allow,deny
		Allow from all
	</Directory>
	<Directory /home/httpd/vhosts/default/httpsdocs>
		SSLRequireSSL
	</Directory>
</VirtualHost>

</IfModule>

By adding this code to your httpd.conf, what happens is this:

http://my.ip.address/~ftpusername
goes to the clients normal websites httpdocs folder, and

https://my.ip.address/~ftpusername
goes to the clients secure httpsdocs folder


One thing to note... my PHP scripts wouldn't load at first, they tried to download as code. The solution was to go into httpd.conf and AFTER this line,

Include /etc/httpd/conf/httpd.include

add this:


<Directory "/home/httpd/vhosts">
AllowOverride All
Options SymLinksIfOwnerMatch
Order allow,deny
Allow from all
php_admin_flag engine on
</Directory>


Since this file loads after my VirtualHost settings, it was overriding the httpd.conf settings.

YAY! I've tested all this and it works.

NOTE: You might notice above that I used the SSLCertificateFile path to the default Plesk certificate. This is only temporary until I replace it with my own.

I'm going to talk to Godaddy (my VDS webhost) and make sure, but if this works, it should allow me to use my SSL certificate with all domains as if it were shared. Hopefully this will help others too :)

Let me know if anybody has any thoughts on this method.

Thanks!
 
This is a bit late, but any changes to the httpd.conf and httpd.include files can and will be overwritten by Plesk (upgrades, domain creation, etc). So this would be totally temporary, until the file gets overwritten.
 
You must log in or register to reply here.

Similar threads

LTUser
Issue server.conf / access_compat / Order allow,deny / Plesk 17.8.11
Replies
0
Views
600
LTUser
LTUser
T
Question Apache 2.4 - every page in my site works, expect home
Replies
3
Views
3K
ahmad314
A
D
Default Parallels Plesk Page
Replies
4
Views
3K
serverpoint_tom
S
T
Issue installing redmine on my plesk 12 debian 7
Replies
0
Views
2K
Tylerdurden
T
H
Issue Apache dies due to missing SSL certs
Replies
5
Views
2K
danami
danami
Back
Top