The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

all https requests redirect to main page..

Discussion in 'General Discussion' started by panayot, Dec 13, 2004.

  1. panayot

    panayot Well-Known Member

    Joined:
    Nov 18, 2004
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    16
    Hi,

    A month ago I setup self generated ssl using the main server IP and secure.hostingcompany.com for domain.

    This way all customers who could not afford to buy a certificate and dedicated IP could still take advantage of a secure connection to their admin areas on the sites or other purposes. Of course there were browser warnings that the domain did not correspond and that certificate was not from an authority but that is ok - it was still a secure connection.

    The problem is that all of a sudden https behaviour changed. when typing https://clientsite.com/ apache redirects to the main server website instead. I do not know what caused this change. perhaps some cpanel update? How can I get it back so that https requests stay at client's site and do not get redirected to main site?

    Thanks in advance
    Panayot
     
  2. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    There's a check box under Tweak Settings that says:
    When visiting /cpanel or /whm or /webmail with ssl redirect to the servers hostname.

    It's at the very bottom. You could try unchecking that. Or checking it and then unchecking it after saving the setting.
     
  3. panayot

    panayot Well-Known Member

    Joined:
    Nov 18, 2004
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    16
    Thanks for the tip, I tried it but did not work.

    It seems there can be only one SSL certificate per ip. Even if I put several virtual hosts with <VirtualHost 1.2.3.4:443> apache will redirect all https requests to the first virtual host and disregard any other ssl virtual hosts.
     
  4. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    ahh, I didn't realize you were trying to use SSL on multiple domains under the same ip...

    You're correct... you can't do that. SSL encrypts everything in the packet sent, including the hostname it's intended for... so it goes to the ip and apache doesn't know which virtual host it's intended for and can't sort it out like it does for normal virtual host requests because it's encrypted, so it goes to the first one in the list. Perhaps in the future, with Apache 2, this will or has been fixed... but not for everyone using cpanel.
     
  5. Vautrec

    Vautrec Member

    Joined:
    Jan 16, 2004
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    Now I cannot remove it!

    Hallo, I did the same mistake.

    Now how do I remove this fake certificate which is redirecting all client sites to my own site?

    Merci
    :-D
     
  6. panayot

    panayot Well-Known Member

    Joined:
    Nov 18, 2004
    Messages:
    125
    Likes Received:
    0
    Trophy Points:
    16
    The funny thing is that this has worked for all sites on the server without redirecting! And I can give you example on another server (not cPanel) that it works - https://igphosting.com/
    You can see that the certificate is issued to server304.com and the ip is also only one but still it works. I will ask them and if I find the trick will post here.

    Vautrec,

    All you have to do is opne httpd.conf and search for '443'. You will find this way all virtual hosts that have <VirtualHost xx.xx.xx.xx:443> and you can remove whichever you do not need. You may want to backup your httpd.conf file before editing it!
     
  7. dezignguy

    dezignguy Well-Known Member

    Joined:
    Sep 26, 2004
    Messages:
    534
    Likes Received:
    0
    Trophy Points:
    16
    Yes, it'll work for all sites on that ip because it's being sent to the same ip and apache can't distinguish the difference... but your visitors will get a popup warning because the certificate name doesn't match the domain name they're going to. Actually they'll get two warnings, the other one because you're using a self-signed and untrusted certificate.

    Vautrec, you can delete the ssl host through whm... Delete an SSL Host
     
Loading...

Share This Page