SSL and virtualmin

Hi all,

Virtualmin is generating this kind of virtualhosts:

[code:1]# cat www.tim-online.nl.conf
<VirtualHost *:80>
SuexecUserGroup "#1002" "#1002"
ServerName www.tim-online.nl
ServerAlias www.www.tim-online.nl
DocumentRoot /home/www.tim-online.nl/public_html
ErrorLog /home/www.tim-online.nl/logs/error_log
CustomLog /home/www.tim-online.nl/logs/access_log combined
ScriptAlias /cgi-bin/ /home/www.tim-online.nl/cgi-bin/
ScriptAlias /awstats /home/www.tim-online.nl/cgi-bin
</VirtualHost>[/code:1]

Can I have virtualmin generate this piece of code:

[code:1]
<VirtualHost *:80>
SuexecUserGroup "#1002" "#1002"
ServerName www.tim-online.nl
ServerAlias www.www.tim-online.nl
DocumentRoot /home/www.tim-online.nl/public_html
ErrorLog /home/www.tim-online.nl/logs/error_log
CustomLog /home/www.tim-online.nl/logs/access_log combined
ScriptAlias /cgi-bin/ /home/www.tim-online.nl/cgi-bin/
ScriptAlias /awstats /home/www.tim-online.nl/cgi-bin
</VirtualHost>

<VirtualHost *:443>
SuexecUserGroup "#1002" "#1002"
ServerName www.tim-online.nl
ServerAlias www.www.tim-online.nl
DocumentRoot /home/www.tim-online.nl/public_html
ErrorLog /home/www.tim-online.nl/logs/error_log
CustomLog /home/www.tim-online.nl/logs/access_log combined
ScriptAlias /cgi-bin/ /home/www.tim-online.nl/cgi-bin/
ScriptAlias /awstats /home/www.tim-online.nl/cgi-bin

SSLEngine on
SSLCertificateFile /etc/apache2/ssl/apache.pem
</VirtualHost>

[/code:1]

I don’t want to use virtual interfaces or anything because I only got one ip address.

Thanks in advance!

Hi,

the -> * in <VirtualHost *:80> does def. NOT work. If you are hanging behind a router with an internal IP like me it should be something more like <VirtualHost 192.168.2.100:80>

What did you enter in:
Virtualmin Pro > System Settings > Module Config > Other server settings > "Default virtual server IP address"

Tony

EDIT:
I should add that if you also want to setup a site with SSL enabled you MUST use a different IP!<br><br>Post edited by: tony.p, at: 2007/08/24 17:43

Tony’s right. Mostly.

The *:80 will work, but only if that’s coming from somewhere other than the “Default virtual server IP address” setting–if you’ve set that to *, you’ll get horribly broken DNS records (unless you explicitly set DNS correctly). * isn’t recommended in a virtual hosting environment, in general, because you’re making life harder in the future (should you move your hosts to a real server with multiple public IPs, for example).

I would recommend doing as Tony suggests, however, plus also setting the DNS record IP to your public one.

SSL can be enabled without multiple addresses, but you break 50% of the purpose of SSL (identity). So, it isn’t recommended. But, if you’re just playing on a devel server, have at it. But don’t set up anything that requires real security this way.

You can force Virtualmin to do what you’re asking for using Server Templates. In the Server Template(s) you use, find the Apache website section, and make use of the “Directives and settings for new websites” field to build up the bits you’ve shown in your example above, replacing the actual names for the Virtualmin variables, as appropriate. See here for those variables and their contents:

http://www.virtualmin.com/documentation/id,server_settings_and_templates/#variable_subsitutions

But, note, and this is a big but:

You can’t include a SSLCertificateFile for each virtual host. In an SSL connection the connection is already established, and the certificate has already been exchanged before the hostname is known to the server. You can only have one certificate, and behavior is probably undefined if you try to use multiple certificates (it’ll probably end up being whichever one is defined first in the Apache configuration, and you’ll probably get a warning about the rest of them…I dunno).