Per User SSL DirectAdmin

jeffery

jeffery

Verified User
Joined
Jan 13, 2004
Messages
177
Currently, when directadmin is set to use SSL, the non-SSL one will not work.

Is there anyway to make it both usable?

Or, more comprehensive, different users can be set to use the SSL one or the Non-SSL one (of course set by admin)

Because not all the users have their own SSL, now all domain name sticked to the SSL'ed directadmin has to use a different certificate in order to get it work...

especially the resellers, they have their own domain name, of course they want their customer to access DA thru http://www.reseller.com:2222 rather than https://www.admindomain.com:2222


Any ideas?


:p
 
Hello,

Chicken and the egg.

You need to be connected first before you send the username, thus it has no way of deciding how to connect until it's alreaday connected :)

I'm starting to think about having 2 ports, 1 for http and 1 for https. Might see this in 2 or 3 releases.

John
 
If you do, please have the facility to disable normal HTTP. I don't want my users logging in using unsecure HTTP if avoidable.

What'd be nice is a redirect so that if a user accesses HTTP and should be using HTTPS, it redirects them automatically to the HTTPS rather than showing a 404.

Matt :)
 
thoroughfare said:
If you do, please have the facility to disable normal HTTP. I don't want my users logging in using unsecure HTTP if avoidable.

What'd be nice is a redirect so that if a user accesses HTTP and should be using HTTPS, it redirects them automatically to the HTTPS rather than showing a 404.

Matt :)
Click to expand...

You would need 2 DA daemons running to do that (AFAIK), same with the ssl certificates.

John, perhaps a switch that we can use with the daemon that allows us to run numerous instances each with a specified configuration?

DirectAdmin -c /path/to/config-1.conf

No idea what that would involved but I guess it would be one of the easiest ways to do things...

Chris
 
I'd just have the daemon fork (split) after loading and one would listen for ssl and the other, not. I'd add a few extra options for "ssl_port" or something like that. If SSL=1, then the old un-changed would still work of course, always have to be backwards compatible :)

John
 
DirectAdmin Support said:
I'd just have the daemon fork (split) after loading and one would listen for ssl and the other, not. I'd add a few extra options for "ssl_port" or something like that. If SSL=1, then the old un-changed would still work of course, always have to be backwards compatible :)

John
Click to expand...

Sounds GREAT~~

Can't clam down my excitment~ :D
 
You must log in or register to reply here.
Back
Top