This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.

SSL Separation Between Sentora and Client Domains
#7
RE: SSL Separation Between Sentora and Client Domains
(02-18-2015, 09:13 PM)Jayster Wrote: ahh.. There are 2 different types of SSL installation in Sentora.

Just pay attention in client domain here, not the Sentora panel.
If you have a client domain eg: HTTP://yourclient.domain and you want to forward it to HTTPS://yourclient.domain

USE the following:
Overriding Vhost via MODULE ADMIN>>APACHE CONFIG>>Select the Vhost to Override
eg: yourclient.domain
1) Port Override -> 443
2) Custom Entry:


Code:
 SSLEngine on
 SSLCertificateFile C:/zpanel/bin/apache/ssl_certs/__.domain.com.crt
 SSLCertificateKeyFile C:/zpanel/bin/apache/ssl_certs/__.domain.com.key
 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
 CustomLog c:/zpanel/logs/ssl/ssl_zpx_request.log \
 SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

Now the result for that will be:

HTTP://yourclient.domain will always be forwarded to SSL 443 eg: HTTPS://yourclient.domain
so there is no way to view this via port 80 or standard HTTP

Now if you want to view your client domain in a separate socket port HTTP and HTTPS at the same time?

All you need to do is the following:

Create a SSL-VHOST and name it like for example: "httpd-ssl-vhost.conf"

Open your Sentora Config -> "httpd-vhost.conf" then copy and paste the vhost which is the "yourclient.domain" in your created "httpd-ssl-vhost.conf.
Example below:

Code:
# DOMAIN: yourclient.domain
<virtualhost *:80>
ServerName yourclient.domain
ServerAlias  www.yourclient.domain
ServerAdmin panel@yourclient.domain
DocumentRoot "/var/sentora/hostdata/zadmin/public_html/yourclient_domain"
php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/yourclient_domain:/var/sentora/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
ErrorLog "/var/sentora/logs/domains/zadmin/yourclient.domain-error.log"
CustomLog "/var/sentora/logs/domains/zadmin/yourclient.domain-access.log" combined
CustomLog "/var/sentora/logs/domains/zadmin/yourclient.domain-bandwidth.log" common
<Directory "/var/sentora/hostdata/zadmin/public_html/yourclient_domain">
 Options +FollowSymLinks -Indexes
 AllowOverride All
 Order Allow,Deny
 Allow from all
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 404 /_errorpages/404.html
ErrorDocument 510 /_errorpages/510.html
ErrorDocument 500 /_errorpages/500.html
ErrorDocument 403 /_errorpages/403.html
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
# Custom Global Settings (if any exist)

# Custom VH settings (if any exist)

</virtualhost>
# END DOMAIN: yourclient.domain
################################################################

After pasting the code, modify it like this: example code below:


Code:
# DOMAIN: yourclient.domain
<virtualhost *:443>
ServerName yourclient.domain
ServerAlias  www.yourclient.domain
ServerAdmin panel@yourclient.domain
DocumentRoot "/var/sentora/hostdata/zadmin/public_html/yourclient_domain"
php_admin_value open_basedir "/var/sentora/hostdata/zadmin/public_html/yourclient_domain:/var/sentora/temp/"
php_admin_value suhosin.executor.func.blacklist "passthru, show_source, shell_exec, system, pcntl_exec, popen, pclose, proc_open, proc_nice, proc_terminate, proc_get_status, proc_close, leak, apache_child_terminate, posix_kill, posix_mkfifo, posix_setpgid, posix_setsid, posix_setuid, escapeshellcmd, escapeshellarg, exec"
ErrorLog "/var/sentora/logs/domains/zadmin/yourclient.domain-ssl-error.log"
CustomLog "/var/sentora/logs/domains/zadmin/yourclient.domain-ssl-access.log" combined
CustomLog "/var/sentora/logs/domains/zadmin/yourclient.domain-ssl-bandwidth.log" common
<Directory "/var/sentora/hostdata/zadmin/public_html/yourclient_domain">
 Options +FollowSymLinks -Indexes
 AllowOverride All
 Order Allow,Deny
 Allow from all
</Directory>
AddType application/x-httpd-php .php3 .php
ErrorDocument 404 /_errorpages/404.html
ErrorDocument 510 /_errorpages/510.html
ErrorDocument 500 /_errorpages/500.html
ErrorDocument 403 /_errorpages/403.html
DirectoryIndex index.html index.htm index.php index.asp index.aspx index.jsp index.jspa index.shtml index.shtm
# Custom Global Settings (if any exist)

# Custom VH settings (if any exist)

#LET'S ADD YOUR SSL CERTIFICATE, KEY, PEM and BUNDLES HERE
SSLEngine on
SSLCertificateFile C:/zpanel/bin/apache/ssl_certs/__.domain.com.crt
SSLCertificateKeyFile C:/zpanel/bin/apache/ssl_certs/__.domain.com.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

</virtualhost>
# END DOMAIN: yourclient.domain
################################################################

save it!
Open the Sentora Config --> HTTPD.CONF
add this at the after "Include /etc/sentora/configs/apache/httpd-vhosts.conf"

The line should be like this: "Include /etc/sentora/configs/apache/httpd-ssl-vhosts.conf"
Save it!

TAKE NOTE: In Sentora, Make SURE you have created a dummy subdomain which contains a dummy SSL in Module Admin>>Apache Config>>Override Vhost

So that the LISTEN PORT 443 will be generated by  Sentora by default if Override Vhost 443 is enabled.

Adding Listen 443 manually will kill your Apache service.

Now if you have done this all? Restart your Apache service

CentOS: service httpd restart

Open your browser and check HTTP://yourclient.domain and HTTPS://yourclient.domain

I hope this helps you! Good luck

Hi i am using ubantu 14.04 
i add port override to 443 for my domain from apache config...
i got following error attached screenshot.... please help... sentora version 1.0.0


Attached Files Thumbnail(s)
   
Reply
Thanks given by:


Messages In This Thread
RE: SSL Separation Between Sentora and Client Domains - by wakeupzee - 04-01-2015, 01:24 AM

Possibly Related Threads…
Thread Author Replies Views Last Post
Is Sentora dead? rajeevrrs 2 3 ,981 12-17-2022, 09:20 AM
Last Post: TGates
Sentora debug and error files johnnyp 0 1 ,596 10-27-2022, 06:16 PM
Last Post: johnnyp
Transfer Account to another Sentora BenI 1 3 ,350 07-21-2022, 07:19 PM
Last Post: Nigel

Forum Jump:


Users browsing this thread: 2 Guest(s)