SSL certs and webmail/admin new features

3 posts / 0 new
Last post
#1 Fri, 07/25/2008 - 19:55
trey

SSL certs and webmail/admin new features

What's the recommended setup for dealing with SSL certificates with the new features in VM 3.60 where http://webmail.example.com takes you to https://example.com:20000 and http://admin.example.com takes you to https://example.com:10000. What if there are 50 different servers on a single IP? Using a self-signed certificate is problematic when most users just close the site because they don't understand the warning message, and even in Firefox 3 I have to click through quite a few warning screens to add an "exception" for the certificate to allow it.

Sat, 07/26/2008 - 09:58
Joe
Joe's picture

Good question, and there is no good answer. Webmin can use a different certificate for each IP address it listens on...but mostly folks are on shared IP virtual hosts.

This probably ought to, instead, always redirect to https://host.tld:10000 and https://host.tld:20000, rather than to the domain in the URL.

We just implemented what folks asked for...but it seems like getting proper security is more important than the domain name being the customer's.

--

Check out the forum guidelines!

Sun, 08/03/2008 - 09:53
webwzrd

Ensim Pro uses a nice compromise. http://example.tld/admin redirects to https://host.tld:19638/siteadmin/?ocw_login_domain=example.tld.

Done this way, the user login already knows what domain you are logging in for and doesn't require the domain name appended to the username.

Topic locked