• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

urgent! Need help with SSL virtualhost (already got regular working)

KingSky

KingSky

New Pleskian
Method for sharing 1 SSL certificates among clients [possible MOD]

Hi,

Sorry to mark this as urgent, but it really is. I have a client who is going to need to have their shopping cart up by next week.

I have implemented the following in my httpd.conf file:

Code: 
<VirtualHost my.ip.add.ress>
ServerName default
UseCanonicalName Off
DocumentRoot /home/httpd/vhosts/default/htdocs
ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
<Directory "/home/httpd/vhosts"> 
DirectoryIndex index.php index.html index.htm default.html default.htm
<IfModule mod_php4.c>
php_admin_flag engine on
</IfModule>
</Directory>
<IfModule mod_userdir.c>
UserDir enable *
UserDir httpdocs
</IfModule>
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>
<Directory "/home/httpd/vhosts/default/cgi-bin/">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

so that I can access my domains like so:
http://myipaddress/~ftpusername

This works great... but I need to do it for SSL too so that these requests are redirected to the httpsdocs folder.

I read a bunch of forums/webpages and tried messing with this section:

Code: 
<IfModule mod_ssl.c>
SSLEngine off
</IfModule>

But I'm really not sure what to change to do what I want, everything I tried prevented apache from restarting.

Please help!

Thanks SOO much!

-Kevin
 
Well, Murphy's Law I guess, I worked on this for a couple days before posting, then found the solution less than an hour afterword.

Here is what I have added to my httpd.conf right before the
Include /etc/httpd/conf/httpd.include
line:

Code: 
<VirtualHost my.ip.address:80>
	ServerName default
	UseCanonicalName Off
	DocumentRoot /home/httpd/vhosts/default/htdocs
	ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
	<Directory "/home/httpd/vhosts"> 
		DirectoryIndex index.php index.html index.htm default.html default.htm
	<IfModule mod_php4.c>
		php_admin_flag engine on
	</IfModule>
	</Directory>
	<IfModule mod_userdir.c>
		UserDir enable *
		UserDir httpdocs
	</IfModule>
	<IfModule mod_ssl.c>
		SSLEngine off
	</IfModule>
	<Directory "/home/httpd/vhosts/default/cgi-bin/">
		AllowOverride None
		Options None
		Order allow,deny
		Allow from all
	</Directory>
</VirtualHost>

<IfModule mod_ssl.c>

<VirtualHost my.ip.address:443 >
	ServerName default
	UseCanonicalName Off
	DocumentRoot /home/httpd/vhosts/default/httpsdocs
	ScriptAlias /cgi-bin/ "/home/httpd/vhosts/default/cgi-bin/"
	SSLEngine on
	SSLVerifyClient none
	SSLCertificateFile /usr/local/psa/var/certificates/certXoCPncb
	<IfModule mod_userdir.c>
		UserDir enable *
		UserDir httpsdocs
	</IfModule>
	<Directory "/home/httpd/vhosts/default/cgi-bin/">
		AllowOverride None
		Options None
		Order allow,deny
		Allow from all
	</Directory>
	<Directory /home/httpd/vhosts/default/httpsdocs>
		SSLRequireSSL
	</Directory>
</VirtualHost>

</IfModule>

By adding this code to your httpd.conf, what happens is this:

http://my.ip.address/~ftpusername
goes to the clients normal websites httpdocs folder, and

https://my.ip.address/~ftpusername
goes to the clients secure httpsdocs folder


One thing to note... my PHP scripts wouldn't load at first, they tried to download as code. The solution was to go into httpd.conf and AFTER this line,

Include /etc/httpd/conf/httpd.include

add this:


<Directory "/home/httpd/vhosts">
AllowOverride All
Options SymLinksIfOwnerMatch
Order allow,deny
Allow from all
php_admin_flag engine on
</Directory>


Since this file loads after my VirtualHost settings, it was overriding the httpd.conf settings.

YAY! I've tested all this and it works.

NOTE: You might notice above that I used the SSLCertificateFile path to the default Plesk certificate. This is only temporary until I replace it with my own.

I'm going to talk to Godaddy (my VDS webhost) and make sure, but if this works, it should allow me to use my SSL certificate with all domains as if it were shared. Hopefully this will help others too :)

Let me know if anybody has any thoughts on this method.

Thanks!
 
This is a bit late, but any changes to the httpd.conf and httpd.include files can and will be overwritten by Plesk (upgrades, domain creation, etc). So this would be totally temporary, until the file gets overwritten.
 
You must log in or register to reply here.

Similar threads

TimReeves
Resolved Webmail - PHP not working, file downloaded not executed
Replies
2
Views
3K
aslotta
aslotta
LTUser
Issue server.conf / access_compat / Order allow,deny / Plesk 17.8.11
Replies
0
Views
727
LTUser
LTUser
T
Question Apache 2.4 - every page in my site works, expect home
Replies
3
Views
3K
ahmad314
A
UnS3eN
Issue No FTP (proFTP) access after 17.8.11 upgrade
Replies
4
Views
4K
UnS3eN
UnS3eN
Mark12345
Issue A+ SSL/TLS Test - PCI Compliance - Ciphers - Oh My
Replies
8
Views
4K
Mark12345
Mark12345
Back
Top