Lets Encrypt Plugin und default domain

Hi all,

sorry to stress this again but I have a strange behavior now.

As posted yesterday, I installed the letsencrypt plugin and got it working. Small issue with the PanelRedirect plugin was solved after a hint from Nuxwin.

Thanks again !

Now the issue is that the ssl cert is working for the admin page but I get a message that the cert is not valid.

Reason for that is that the cert is created for the last created domain via letsencrpyt plugin and not for the original admin domain.

Here is an example to understand it better.

Admin panel is running with domain name admin.example1.com

But the used ssl cert is named for example2.com. Domain2 was the last successful domain created by the letsencrypt plugin.

Did I missed here something?

In an other thread nuxwin in refering to use the ServerDefaultPage, Is this the trick here as well?

BR

Mr.X

Quote from Nuxwin

Mr.X

The control panel is made available through dedicated ports and is run through dedicated httpd instance (nginx). If you try to access it through standard http ports (through Apache2) while there is no Apache2 vhost files for the control panel domain, Apache2 will serves the first site found (here example2.com) and therefore:

The SSL certificate will be marked as invalid by your browser because the name admin.example1.com doesn't match with the name example2.com.

Don't forget: The control panel is run through dedicated ports and through nginx Web server, not Apache2 Web server. Thus, by default, there are not Apache2 vhost files for the control panel by default, those last that would make you able to reach the control panel through standard http ports (80, 443). The PanelRedirect plugin was meant to provide access to the control panel through standard http ports by creating the Apache2 vhost files for the control panel using either simple http redirection or the proxy feature. However, the PanelRedirect plugin has been deprecrated in favor of the i-MSCP redirect (proxy) feature.

So what now?

• Either you always access the control panel through expected non standard ports (look at your /etc/imscp/imscp.conf file for the ports)
• Either you add the control panel domain as client domain or subdomain and you enable the proxy feature and Let's Encrypt for it.

Regarding the DefaultServerPage plugin

That plugin will prevent Apache2 to serve the default site found when there are no Apache2 vhost file for the domain you try to reach. Instead, a default server page will be served.

Display More

Salut Nuxin,

thanks for your long answer. Ok, understood.

But what do you mean with "i-MSCP redirect (proxy) feature"?

Br

Mr.X

Hi Nuxwin,

I did search the forum first but could find any details.

I also looked at the plugin page to get some details.

This link is very helpful, thx.

Mr.X