redjersey
Verified User
in my directadmin.conf, I have the SNI field set to enabled.
However I'm trying to figure out how to install SSL certificates for different domains, on one IP address:
let's say I have 3 domains under user admin:
domain1.com
domain2.com
domain3.com
method 1:
=================
if I use directadmin control panel -> SSL Certificate to install SSL on domain1. Then DA will save the key and crt to /etc/httpd/conf/ssl.key/server.key
/etc/httpd/conf/ssl.crt/server.crt
so, if I try to install SSL for domain2 or 3 using the DA control panel, server.key and server.crt will be overwritten and domain1 SSL will be screwed up.
method 2:
=================
Since method 1 doesn't work, I have to install SSL by directly modifying the
/usr/local/directadmin/data/users/admin/httpd.conf
domain1.com Virtualhost is gonna look like this
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain1.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain1.key
domain2 Virtualhost is gonna look like this
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain2.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain2.key
sounds good, however if I rebuild httpd or add a domain, delete a domain, or even add a subdomain,
/usr/local/directadmin/data/users/admin/httpd.conf
will be overwriten and screwed up all of my SSL!
if I do:
chattr +i /usr/local/directadmin/data/users/admin/httpd.conf
then admin/httpd.conf won't be changed, but it also means that I can't add/edit/delete domains under admin, unless I do chattr -i??? what if I forgot to do chattr -i???
is there any better solution??
However I'm trying to figure out how to install SSL certificates for different domains, on one IP address:
let's say I have 3 domains under user admin:
domain1.com
domain2.com
domain3.com
method 1:
=================
if I use directadmin control panel -> SSL Certificate to install SSL on domain1. Then DA will save the key and crt to /etc/httpd/conf/ssl.key/server.key
/etc/httpd/conf/ssl.crt/server.crt
so, if I try to install SSL for domain2 or 3 using the DA control panel, server.key and server.crt will be overwritten and domain1 SSL will be screwed up.
method 2:
=================
Since method 1 doesn't work, I have to install SSL by directly modifying the
/usr/local/directadmin/data/users/admin/httpd.conf
domain1.com Virtualhost is gonna look like this
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain1.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain1.key
domain2 Virtualhost is gonna look like this
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain2.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain2.key
sounds good, however if I rebuild httpd or add a domain, delete a domain, or even add a subdomain,
/usr/local/directadmin/data/users/admin/httpd.conf
will be overwriten and screwed up all of my SSL!
if I do:
chattr +i /usr/local/directadmin/data/users/admin/httpd.conf
then admin/httpd.conf won't be changed, but it also means that I can't add/edit/delete domains under admin, unless I do chattr -i??? what if I forgot to do chattr -i???
is there any better solution??
