added SSL apache domain now a little stuck.

3 posts / 0 new
Last post
#1 Sat, 10/13/2007 - 13:30
NigelAves

added SSL apache domain now a little stuck.

Using VirtualMin GPL

I have 4 name based servers setup with Virtualmin and all is working perfectly. (Though I did need to turn Suexec off to get CGI scripts to work. Still not figured that beast out yet!)

local ip address is 192.168.0.10 for the server and I have my DSL modem setup to point all incoming 80 and 443 ports to this server with port forwarding.

Because I want to check email (SquirrelMail) and mess a around with an on-line shop (to sell prints / photo-sets) I added a SSL enabled site. I could not generate it using the same IP address so I choose 192.1678.0.50

But now I seem to be stuck! How do I get outside requests to go to that server? (internally no prob and all is working as I just modify my hosts file to point to the new ip address.)

Any pointers would be of great help.

Nigel.

Sat, 10/13/2007 - 14:19
Joe
Joe's picture

<div class='quote'>Though I did need to turn Suexec off to get CGI scripts to work. Still not figured that beast out yet!</div>

You just need suexec to be compiled with suexec_docroot set to /home. Our packages are built that way (so if you installed from the install.sh it'll be right--though the Debian repo was broken until this morning, but it's fixed now).

<div class='quote'>Because I want to check email (SquirrelMail) and mess a around with an on-line shop (to sell prints / photo-sets) I added a SSL enabled site. I could not generate it using the same IP address so I choose 192.1678.0.50</div>

If you just need one SSL site, there is a workaround to this restriction:

1. Create the virtual server without SSL on the shared IP
2. Go to Server Configuration -&gt; Change IP Address, and change the SSL port to 444
3. Enable SSL for the virtual server
4. Go back to the Change IP Address page, and set SSL to port 443

This will be easier in the next revision or two. It's just not very common, historically speaking...most Virtualmin users have dedicated hosting boxes with a few public IP addresses to work with. But it still makes sense to allow SSL on the &quot;shared&quot; IP address.

--

Check out the forum guidelines!

Mon, 10/22/2007 - 08:23 (Reply to #2)
NigelAves

Joe,

That pointed me in the right directions for the web site SSL aspect. (I've been looking at Squid in Reverse Mode to possibly make things a little easier but that has defeated me totally! It did not help that webmin is out of date and only supports up to 2.5 for reverse proxy)

On the SuExec. I'm runing Fedora 7 and I don't really want to turn my server into a development platform, so re-compiling / building is a no go. This is one of the reasons I went to sendmail rather than a 3rd party SMTP. (I've never managed to get sendmail to work for hotmail, but you are correct, if I do a reply it works. Only new email vanishes into the MicroSoft bit bucket).

So your answer surprised me a bit as Fedora typically see's /home as being the official home directories. I can only assume that it's probably using the default of /var/www because of apache.

Nigel.

Topic locked