RE: SSL Separation Between Sentora and Client Domains
04-01-2015, 01:24 AM
(This post was last modified: 04-01-2015, 01:27 AM by wakeupzee.)
(02-18-2015, 09:13 PM)Jayster Wrote: ahh.. There are 2 different types of SSL installation in Sentora.
Just pay attention in client domain here, not the Sentora panel.
If you have a client domain eg: HTTP://yourclient.domain and you want to forward it to HTTPS://yourclient.domain
USE the following:
Overriding Vhost via MODULE ADMIN>>APACHE CONFIG>>Select the Vhost to Override
eg: yourclient.domain
1) Port Override -> 443
2) Custom Entry:
Code:SSLEngine on
SSLCertificateFile C:/zpanel/bin/apache/ssl_certs/__.domain.com.crt
SSLCertificateKeyFile C:/zpanel/bin/apache/ssl_certs/__.domain.com.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
CustomLog c:/zpanel/logs/ssl/ssl_zpx_request.log \
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
Now the result for that will be:
HTTP://yourclient.domain will always be forwarded to SSL 443 eg: HTTPS://yourclient.domain
so there is no way to view this via port 80 or standard HTTP
Now if you want to view your client domain in a separate socket port HTTP and HTTPS at the same time?
All you need to do is the following:
Create a SSL-VHOST and name it like for example: "httpd-ssl-vhost.conf"
Open your Sentora Config -> "httpd-vhost.conf" then copy and paste the vhost which is the "yourclient.domain" in your created "httpd-ssl-vhost.conf.
Example below:
Code:# DOMAIN: yourclient.domain
<virtualhost *:80>
ServerName yourclient.domain
ServerAlias www.yourclient.domain
ServerAdmin panel@yourclient.domain
DocumentRoot "/var/sentora/hostdata/zadmin/public_html/yourclient_domain"
php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/yourclient_domain:/var/sentora/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
ErrorLog "/var/sentora/logs/domains/zadmin/yourclient.domain-error.log"
CustomLog "/var/sentora/logs/domains/zadmin/yourclient.domain-access.log" combined
CustomLog "/var/sentora/logs/domains/zadmin/yourclient.domain-bandwidth.log" common
<Directory "/var/sentora/hostdata/zadmin/public_html/yourclient_domain">
Options +FollowSymLinks -Indexes
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 404 /_errorpages/404.html
ErrorDocument 510 /_errorpages/510.html
ErrorDocument 500 /_errorpages/500.html
ErrorDocument 403 /_errorpages/403.html
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
# Custom Global Settings (if any exist)
# Custom VH settings (if any exist)
</virtualhost>
# END DOMAIN: yourclient.domain
################################################################
After pasting the code, modify it like this: example code below:
Code:# DOMAIN: yourclient.domain
<virtualhost *:443>
ServerName yourclient.domain
ServerAlias www.yourclient.domain
ServerAdmin panel@yourclient.domain
DocumentRoot "/var/sentora/hostdata/zadmin/public_html/yourclient_domain"
php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/yourclient_domain:/var/sentora/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
ErrorLog "/var/sentora/logs/domains/zadmin/yourclient.domain-ssl-error.log"
CustomLog "/var/sentora/logs/domains/zadmin/yourclient.domain-ssl-access.log" combined
CustomLog "/var/sentora/logs/domains/zadmin/yourclient.domain-ssl-bandwidth.log" common
<Directory "/var/sentora/hostdata/zadmin/public_html/yourclient_domain">
Options +FollowSymLinks -Indexes
AllowOverride All
Order Allow,Deny
Allow from all
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 404 /_errorpages/404.html
ErrorDocument 510 /_errorpages/510.html
ErrorDocument 500 /_errorpages/500.html
ErrorDocument 403 /_errorpages/403.html
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
# Custom Global Settings (if any exist)
# Custom VH settings (if any exist)
#LET'S ADD YOUR SSL CERTIFICATE, KEY, PEM and BUNDLES HERE
SSLEngine on
SSLCertificateFile C:/zpanel/bin/apache/ssl_certs/__.domain.com.crt
SSLCertificateKeyFile C:/zpanel/bin/apache/ssl_certs/__.domain.com.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
</virtualhost>
# END DOMAIN: yourclient.domain
################################################################
save it!
Open the Sentora Config --> HTTPD.CONF
add this at the after "Include /etc/sentora/configs/apache/httpd-vhosts.conf"
The line should be like this: "Include /etc/sentora/configs/apache/httpd-ssl-vhosts.conf"
Save it!
TAKE NOTE: In Sentora, Make SURE you have created a dummy subdomain which contains a dummy SSL in Module Admin>>Apache Config>>Override Vhost
So that the LISTEN PORT 443 will be generated by Sentora by default if Override Vhost 443 is enabled.
Adding Listen 443 manually will kill your Apache service.
Now if you have done this all? Restart your Apache service
CentOS: service httpd restart
Open your browser and check HTTP://yourclient.domain and HTTPS://yourclient.domain
I hope this helps you! Good luck
Hi i am using ubantu 14.04
i add port override to 443 for my domain from apache config...
i got following error attached screenshot.... please help... sentora version 1.0.0