I’m currently setting up a VPS based web server where I will be running a group of domains from. And I’m having problems with how to set up the domains.
The VPS has 1 dedicated IP, and first i tried using that for all the domains. but ofc all the domains sent to the same vhost then.
After that i considered named based vhosts. But since I need to run ssl certs on the domains that isn’t an option ether.
Now I have heard (and read) that I should be able to setup virtualmin to use virtual IP addresses. But I can’t seem to wrap my head around it … or find any good how-tos/docs on the subject.
I’m guessing I might find some on apaches site, but I never can understand their docs.
Anyone know any good resources on the subject, or able to give me some pointers on what I need to do?
When using Virtualmin installed by the install.sh script, any new Virtual Server should use Name-based Virtual Hosts by default. The fact that it’s not is odd
All Virtual Servers should be name-based, unless explicitly given a dedicated IP address.
However, the process of giving a Virtual Server a dedicated IP address is simple. Just go into Edit Virtual Server, go into IP address and interfaces, and add the dedicated IP for that domain in the “Virtual interface” field.
Then, once you’re ready to setup SSL, go into the “Features” section for that Virtual Server, and enable the “SSL website enabled” feature.
Ok, but how do I do it so that virtualmin creates a virtual ip for each vhost automatically, when I create the virtual server? Right now when you crate a virtual server, under IP address and forwarding, it defaults to the shared ip, I want this section to automatically create a virtual IP.
I will be running a bunch of domains from this server. And want the process as automated as I can.
Hm, I don’t think you can automate allocation of virtual IPs, since that also involved creation of a virtual eth for each. Virtualmin cannot know which IP addresses are assigned to your host - you need to enter it when creating the virtual server. VMin will automatically create (and delete when no longer needed) the one new virtual eth though when you want it to.
I need to correct my previous statement: There is a way to tell VMin ranges of IP addresses from which it can auto-allocate addresses for new servers (plus auto-create the virtual eth and stuff). You configure that in the server templates, section Virtual IP address. When you set ranges there, you have a new option in the Create virtual server dialog, namely “Virtual with allocated IP” under IP address and forwarding.
yea I found that as well … problem I’m facing now is that I’m getting an error with the SSL, telling me that the cert key is too long: 'SSL received a record that exceeded the maximum permissible length.
'.
Tried signing a new one that was 1024 bit instead of 2048, didn’t help… the error.log doesn’t give me a lot of info ether:
[Sat Oct 30 13:03:05 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Oct 30 13:03:05 2010] [warn] RSA server certificate wildcard CommonName (CN) `*.pockettech.se' does NOT match server name!?
[Sat Oct 30 13:03:05 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Oct 30 13:03:05 2010] [warn] RSA server certificate wildcard CommonName (CN) `*.pockettech.se' does NOT match server name!?
So I changed the server name to just plain pockettech.se,and moved the wildcard to ‘other domains’
and get the following instead:
[Sat Oct 30 13:34:55 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[Sat Oct 30 13:34:55 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?)
[update:]
I just noticed that efter changing to virtual IP the non ssl connection wont work. The domain is hosted on my registrars DNS, and im renting a VPS from them. their record points to the VPS shared IP (unique for my VPS). so instead of comming to the expected vhost i come to another one.
Mmh, those entries in the log are not really “errors”, but rather warnings about some minor issues with the certificate it would seem. The one about “RSA server certificate being a CA certificate” sounds like you might have used some incorrect options when generating the certificate.
I’m not an expert on those things really… I use a tool named “XCA” for it which offers some useful pre-made settings to create web site certificates. URL: http://xca.sourceforge.net/
Having the wrong web site showing can have numerous reasons… For starters, check the list of virtual hosts in Webmin’s Apache module, see if the domain names, IPs etc. are correct.
