1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

urgent! Need help with SSL virtualhost (already got regular working)

Discussion in 'Plesk for Linux - 8.x and Older' started by KingSky, Apr 28, 2005.

  1. KingSky

    KingSky New Pleskian

    23
     
    Joined:
    Mar 10, 2005
    Messages:
    17
    Likes Received:
    0
    Method for sharing 1 SSL certificates among clients [possible MOD]

    Hi,

    Sorry to mark this as urgent, but it really is. I have a client who is going to need to have their shopping cart up by next week.

    I have implemented the following in my httpd.conf file:

    Code:
    <VirtualHost my.ip.add.ress>
    ServerName default
    UseCanonicalName Off
    DocumentRoot /home/httpd/vhosts/default/htdocs
    ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
    <Directory "/home/httpd/vhosts"> 
    DirectoryIndex index.php index.html index.htm default.html default.htm
    <IfModule mod_php4.c>
    php_admin_flag engine on
    </IfModule>
    </Directory>
    <IfModule mod_userdir.c>
    UserDir enable *
    UserDir httpdocs
    </IfModule>
    <IfModule mod_ssl.c>
    SSLEngine off
    </IfModule>
    <Directory "/home/httpd/vhosts/default/cgi-bin/">
    AllowOverride None
    Options None
    Order allow,deny
    Allow from all
    </Directory>
    </VirtualHost>
    
    so that I can access my domains like so:
    http://myipaddress/~ftpusername

    This works great... but I need to do it for SSL too so that these requests are redirected to the httpsdocs folder.

    I read a bunch of forums/webpages and tried messing with this section:

    Code:
    <IfModule mod_ssl.c>
    SSLEngine off
    </IfModule>
    
    But I'm really not sure what to change to do what I want, everything I tried prevented apache from restarting.

    Please help!

    Thanks SOO much!

    -Kevin
     
  2. KingSky

    KingSky New Pleskian

    23
     
    Joined:
    Mar 10, 2005
    Messages:
    17
    Likes Received:
    0
    Well, Murphy's Law I guess, I worked on this for a couple days before posting, then found the solution less than an hour afterword.

    Here is what I have added to my httpd.conf right before the
    Include /etc/httpd/conf/httpd.include
    line:

    Code:
    <VirtualHost my.ip.address:80>
    	ServerName default
    	UseCanonicalName Off
    	DocumentRoot /home/httpd/vhosts/default/htdocs
    	ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
    	<Directory "/home/httpd/vhosts"> 
    		DirectoryIndex index.php index.html index.htm default.html default.htm
    	<IfModule mod_php4.c>
    		php_admin_flag engine on
    	</IfModule>
    	</Directory>
    	<IfModule mod_userdir.c>
    		UserDir enable *
    		UserDir httpdocs
    	</IfModule>
    	<IfModule mod_ssl.c>
    		SSLEngine off
    	</IfModule>
    	<Directory "/home/httpd/vhosts/default/cgi-bin/">
    		AllowOverride None
    		Options None
    		Order allow,deny
    		Allow from all
    	</Directory>
    </VirtualHost>
    
    <IfModule mod_ssl.c>
    
    <VirtualHost my.ip.address:443 >
    	ServerName default
    	UseCanonicalName Off
    	DocumentRoot /home/httpd/vhosts/default/httpsdocs
    	ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
    	SSLEngine on
    	SSLVerifyClient none
    	SSLCertificateFile /usr/local/psa/var/certificates/certXoCPncb
    	<IfModule mod_userdir.c>
    		UserDir enable *
    		UserDir httpsdocs
    	</IfModule>
    	<Directory "/home/httpd/vhosts/default/cgi-bin/">
    		AllowOverride None
    		Options None
    		Order allow,deny
    		Allow from all
    	</Directory>
    	<Directory /home/httpd/vhosts/default/httpsdocs>
    		SSLRequireSSL
    	</Directory>
    </VirtualHost>
    
    </IfModule>
    
    By adding this code to your httpd.conf, what happens is this:

    http://my.ip.address/~ftpusername
    goes to the clients normal websites httpdocs folder, and

    https://my.ip.address/~ftpusername
    goes to the clients secure httpsdocs folder


    One thing to note... my PHP scripts wouldn't load at first, they tried to download as code. The solution was to go into httpd.conf and AFTER this line,

    Include /etc/httpd/conf/httpd.include

    add this:


    <Directory "/home/httpd/vhosts">
    AllowOverride All
    Options SymLinksIfOwnerMatch
    Order allow,deny
    Allow from all
    php_admin_flag engine on
    </Directory>


    Since this file loads after my VirtualHost settings, it was overriding the httpd.conf settings.

    YAY! I've tested all this and it works.

    NOTE: You might notice above that I used the SSLCertificateFile path to the default Plesk certificate. This is only temporary until I replace it with my own.

    I'm going to talk to Godaddy (my VDS webhost) and make sure, but if this works, it should allow me to use my SSL certificate with all domains as if it were shared. Hopefully this will help others too :)

    Let me know if anybody has any thoughts on this method.

    Thanks!
     
  3. jamesyeeoc

    jamesyeeoc Guest

    0
     
    This is a bit late, but any changes to the httpd.conf and httpd.include files can and will be overwritten by Plesk (upgrades, domain creation, etc). So this would be totally temporary, until the file gets overwritten.
     
Loading...