Submitted by rrhode on Fri, 04/10/2015 - 15:54
When restoring backups that had an Apache server with SSL enabled it restores with an IP address, even if it did not previously have one.
Example:
<VirtualHost *:443>
Becomes:
<VirtualHost 123.456.789.0:443>Status:
Closed (fixed)
Comments
Submitted by rrhode on Fri, 04/10/2015 - 20:12 Comment #1
After researching for awhile I think this is actually the intended behaviour, just not the way it was on the old system. I've figured out that Apache SNI isn't enabled by default.
I discovered an option under System Settings > Virtualmin Configuration > Defaults for new domains > Address format for Apache virtual hosts Always use *
I think mixing this with enabling Apache SNI should fix this issue.
So I guess my only issue is that I'm not entirely sure what exactly I should be changing in the config files in the version of Apache provided by Ubuntu to make it work properly. I'm thought Virtualmin configured Apache SNI automatically on CentOS but I could be wrong.
Submitted by rrhode on Fri, 04/10/2015 - 20:25 Comment #2
I'm sorry, I don't know what I'm talking about. I think it is actually enabled by default but the config has changed so that NameVirtualHost isn't required now. I thought it wasn't because for some reason on the site I was testing it on going to https it is showing the wrong site which I don't know why.
Submitted by andreychek on Fri, 04/10/2015 - 20:29 Comment #3
Howdy -- yeah on Apache 2.4 (provided with CentOS 7 and Ubuntu 14.04), it doesn't actually require the NameVirtualHost line any more.
SNI should actually work automatically, without needing to configure anything.
Knowing all that -- are you saying things are working as expected now, or are you still seeing an unexpected issue here?
Submitted by rrhode on Sat, 04/11/2015 - 07:47 Comment #4
Yes there is definitely something weird going on.
I will give an example:
https site1 workshttps site2 redirects to non-https site1
https site3 redirects to non-https site2
site3 has an alias domain with email and it's https redirects to non-https site1
https site4 works
https site5 works
I just tried disabling ssl on site2 to see what would happen, changes nothing whatsoever.
site3 and site4 are using a CA signed SSL certificate.
All these sites are on the same server. Other servers have similar weirdness.
Submitted by rrhode on Sat, 04/11/2015 - 08:17 Comment #5
OK after testing some more I think this is actually a Firefox issue because they work in Google Chrome and IE.
Submitted by rrhode on Sat, 04/11/2015 - 10:49 Comment #6
Another note for anyone seeing this in the future, I realized by default SSL is configured improperly on Ubuntu. I reconfigured the mod_ssl using the help of this site: https://www.ssllabs.com/ssltest/