This website is deprecated, and remains online only for historic access to old issues and docs for historic versions of Virtualmin. It has been unmaintained for several years, and should not be relied on for up-to-date information. Please visit www.virtualmin.com instead.

Newbie help needed - Virtual Hosting / Domain

2 posts / 0 new

Topic locked

Last post

#1 Mon, 05/05/2008 - 07:09

poplin5150

Newbie help needed - Virtual Hosting / Domain

I recently switched from Mac Os X Server to CentOS for speed and other reasons. I installed Webwin w/ Virtualmin and I am so lost and confused on a few things Ill list below.

I want to have multiple SSL domains on this machine, but I keep getting error messages if I create more than one Virtual Server with SSL. Failed to create virtual server : SSL cannot be enabled for more than one domain on the IP address xxx.xx.xx.xxx unless a virtual IP interface or private port is enabled.

What the heck is this? On the Mac OS X I have have a machine with over 10 SSL certs running on one IP address.

Am I missing something here?

In Webmin Config I set up SSL Encryption. Then I go to Virtualmin and Add a new server. After I create one I cant create anymore. I get an error. Was I supposed to create a server a certain way so I can have this type of setup:

https://www.virtualhost.com with email addresses test@virtualhost.com https://www.fakehost.com with mail addresses test@fakehost.com https://www.testhost.com with mail addresses test@testhost.com https://www.devhost.com with mail addresses test@devhost.com

Can someone please explain how this can be done and if I am doing something wrong or if I indeed need multiple IP addresses on a Linux platform to do this. I have a hard time believe Macs can do it but Linux cant.

#2 Mon, 05/05/2008 - 16:29

Joe

<div class='quote'>What the heck is this? On the Mac OS X I have have a machine with over 10 SSL certs running on one IP address.</div>

No you don't. There's no room in the SSL protocol for it. There is a new protocol that does permit name-based SSL hosting, but it's not a part of Apache yet, and it is only supported by a few quite new browsers.

When the SSL connection is setup, the only identifying information is the IP address--no name has been sent yet--so the same certificate is <i>always</i> sent for the same IP, no matter how many you think you've got configured.

So, you can use the <i>same</i> certificate for multiple hostnames on a single IP, but that removes identity from the equation, which is roughly half of the value of SSL. Virtualmin does not support this, because it's just not a very good idea. If you want to create the virtual hosts, and then create matching SSL-enabled VirtualHost sections in Webmin (using the same cert), feel free to do so.

<div class='quote'>I have a hard time believe Macs can do it but Linux cant.</div>

Mac or Linux is irrelevant here. They're both running the same web server (presumably).

You're just misunderstanding what it is you're actually accomplishing on the Mac system--and Virtualmin is refusing to let you have that misunderstanding. If that's a failing on our part, so be it.

--

Check out the forum guidelines!

Topic locked