Hey there!
I got a strange Problem which i just faced.
I never really configured any SSL powered websites with virtualmin. Now, we use also wordpress, so we activated "ssl website" for that one virtualmin domain.
So far so good. It works fine.
BUT: when i try one of the other virtualmin domains on that server (which have ssl website disabled) with https, i get the cert warning from the domain i activated before (the cert if inofficial) When i accept that cert, the url stays the same, but content is coming from the domain with ssl enabled.
OK example here: I got lets say 2 websites/customers on my virtualmin server. SiteA has ssl enabled. SiteB has ssl disabled.
When i go to https://url_SiteB.com the cert from SiteA is showing up and the content from SiteA is coming after i accepted the cert. What the...
When SiteB gots its own cert enabled, it works like it should, the assignment is correct then.
That's one ugly behaviour. I mean its not a security risk, but i'd wish that there is coming nothing or an error if i enter a webpage via https which hasnt the capability of https enabled. (and not getting another site where i got ssl enabled)
Any ideas on that one?
actually I face the same. haven\t looked into it yet though
might be able to fix this in the httpd.conf or the vContainer part of the domain in question with a redirect :s
actually I face the same. haven\t looked into it yet though
might be able to fix this in the httpd.conf or the vContainer part of the domain in question with a redirect :s
Ok, i thought i did something wrong by accidently messing up the apache config.
Customers didn't blame me so far, but i can even smell problems coming up. As i think this one is REALLY unsexy...
Well, I'm not really sure what steps you took to enable SSL.
However, each SSL-enabled Virtual Server needs a unique IP address.
So, if you have 10 domains on a given IP address, that's great, but only one of them can have an SSL-enabled site on that IP. If you want a second Virtual Server to use an SSL certificate, you can do that, but only after adding a new IP for that Virtual Server.
Otherwise, you would get the symptoms you're describing above :-)
If you do in fact have a unique IP for each SSL-enabled Virtual Server you have, something may be awry with the VirtualHost section for that site -- if you post the VirtualHost lines in here, we can help you track down what's going awry.
-Eric
This is actually a side-effect of using the shared virtual server IP for an SSL site, as well. So, if you have many virtual hosts and one SSL site configured on an IP the one SSL site will answer for any request on that IP. This is a side effect of the way virtual hosts work in Apache...it performs a "first best" match to see which site to use. Maybe there's a way to avoid this behavior, but it's not coming to me at the moment. The default solution is to use a separate IP for every SSL virtual host. We used to require this, but folks who wanted to use the same certificate for lots of virtual hosts yelled at us until we relented. So, now you can enable multiple SSL hosts on the same IP....but Apache can only ever serve one certificate file (which could be a UCC certificate).
See the docs on SSL for a more thorough description of SSL and Virtualmin:
http://www.virtualmin.com/documentation/id,ssl_and_virtualmin/
--
Check out the forum guidelines!
Ah, ok u r right. Now i remember, i had this problem already. Totally forgot about it... Thanx for giving me that hint.