Current time: 12-24-2024, 02:58 AM Hello There, Guest! (LoginRegister)


Post Reply 
SSL Proxy
Author Message
fulltilt Offline
Member
***

Posts: 1,225
Joined: Apr 2007
Reputation: 5
Post: #1
SSL Proxy
Is it possible to modify ispCP for ssl proxy (shared ssl)?
07-27-2007 08:37 PM
Find all posts by this user Quote this message in a reply
dabvhcs Offline
Junior Member
*

Posts: 26
Joined: Mar 2007
Reputation: 0
Post: #2
RE: SSL Proxy
fulltilt Wrote:Is it possible to modify ispCP for ssl proxy (shared ssl)?

Yes you can easily do it by using pound (http://www.apsis.ch/pound/, the easy solution to implement), or by using apache (by modify templates). This is also in the Wishlist :
http://www.isp-control.net/ispcp/wiki/wishlist_2_5

Also, you can try use google cache to find some tutos which have been published on the VHCS forum (bnot online now).
(This post was last modified: 07-27-2007 09:29 PM by dabvhcs.)
07-27-2007 09:27 PM
Find all posts by this user Quote this message in a reply
ephigenie Offline
Project Leader
*******
Administrators

Posts: 1,578
Joined: Oct 2006
Reputation: 15
Post: #3
RE: SSL Proxy
another easy way could be to it with mod_rewrite in i.e. the 00_master.conf

I assume you've modified the 00_master.conf to use ssl already Wink

i'd create a file sslproxy.map below /etc/apache2/
with content like this :

Code:
non-ssl-domain.tld         http://www.non-ssl-domain.tld

so you can add here a lot of domains one under the other - where the first entry is the alias used for something like https://admin.yourdomain.tld/sslproxy/no...omain.tld/

the create the sslproxy directory below the document_root of the used vhost (in my example it would be /var/www/ispcp/gui/sslproxy )

and add the following at the end of your 00_master.conf
Code:
RewriteEngine   on
RewriteLog      /var/log/apache2/sslproxy.log
RewriteMap      sslproxy                   txt:/etc/apache2/sslproxy.map
RewriteRule     ^/sslproxy/(.*)$        ${sslproxy:$1} [P]

of course you need to load mod_proxy to make it work.
(a2enmod mod_proxy)

then test.
Pls be aware that most cookie based auth methods will fail because its the wrong domain in the cookie - so the browser won't return something to the server. Also all paths should be relative because otherwise you've mixed content you won't like ... and which will be shown the user as
07-28-2007 12:15 AM
Visit this user's website Find all posts by this user Quote this message in a reply
fulltilt Offline
Member
***

Posts: 1,225
Joined: Apr 2007
Reputation: 5
Post: #4
RE: SSL Proxy
thanks - that helps Smile

ephigenie Wrote:another easy way could be to it with mod_rewrite in i.e. the 00_master.conf

I assume you've modified the 00_master.conf to use ssl already Wink

i'd create a file sslproxy.map below /etc/apache2/
with content like this :

Code:
non-ssl-domain.tld         http://www.non-ssl-domain.tld

so you can add here a lot of domains one under the other - where the first entry is the alias used for something like https://admin.yourdomain.tld/sslproxy/no...omain.tld/

the create the sslproxy directory below the document_root of the used vhost (in my example it would be /var/www/ispcp/gui/sslproxy )

and add the following at the end of your 00_master.conf
Code:
RewriteEngine   on
RewriteLog      /var/log/apache2/sslproxy.log
RewriteMap      sslproxy                   txt:/etc/apache2/sslproxy.map
RewriteRule     ^/sslproxy/(.*)$        ${sslproxy:$1} [P]

of course you need to load mod_proxy to make it work.
(a2enmod mod_proxy)

then test.
Pls be aware that most cookie based auth methods will fail because its the wrong domain in the cookie - so the browser won't return something to the server. Also all paths should be relative because otherwise you've mixed content you won't like ... and which will be shown the user as
07-28-2007 12:27 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)