siteworx and webmail login warnings question?

bear · December 21, 2017, 3:05am

searched for the answer but could not find anything.

When you visit siteworx and webmail you get a warning due to there being no ssl cert on there.

Is there a way to use an excising ssl cert with the siteworx login so there is no warning notice?

webmail login, is there a way to go to mydomain/webmail and use a ssl cert so there is no warning notice?
failing that using the ip address/webmail login, can this be configured so there is no warning notice?

Thank you.

sysnop · December 21, 2017, 10:12am

What kind of “existing cert” do you mean? If you already have a SSL certificate for your domain and it works for home, the same cert should cover the webmail URL. The same cert should also work for Siteworx if you prefer names instead of IPs. For control panels I prefer using https with the server IP and just add an exception in the browser to nix the error.

If you don’t have a cert for the domain then try the LetsEncrypt plugin. You don’t need to add an extra namespace for the webmail URL.

d2d4j · December 21, 2017, 10:42am

HI Bear
Sysnop is correct in all aspects.
You could use your nodeworx ssl (as long as it is not self signed).
Your IP would not have a SSL on it due to SSL no longer available for IP addresses
You could use the Lets Encrypt plugin, and get an SSL from SSL on the domains you wish to use
If using your nodeworx SSL, you are best advised to change the rewrite for /webmail to go to yourdomainnodeworx/webmail eg if a browser requested clientdomain/webmail, th erewrite goto yourdomainnodeworx/webmail
Kudos to Sysnop
Many thanks
John

sysnop · December 21, 2017, 5:22pm

SSL gets easier and LetsEncrypt gets greater once it starts supporting wildcards, in early 2018 I think.

bear · December 22, 2017, 7:10am

Hi
sorry did not explain that to well got a bit mixed up.

I already have a SSL certificate for a domain and works ok on hrrps but when browsing to either https://domain.com:2443/webmail/ or https://domain.com:2443/siteworx/ I get

There is a problem with this website’s security certificate

do I have to edit a file to get it working with webmail and siteworx.

Thank you

d2d4j · December 22, 2017, 7:48am

Hi bear

Many thanks

I think you have the address wrong, unless I?m been too literal sorry

The correct domain webmail access is

https://siteworxdomain/webmail

You have :2443 in your link, so it will give a warning

I hope that helps

Many thanks

John

sysnop · December 22, 2017, 8:12am

I see what bear means about Siteworx. It seems we’re talking two different issues with different answers.

Since I use IPs and it never occurs to me to use domains for Siteworx, I hadn’t noticed that using a Siteworx URL without port 2443 still redirects using the port #, and that’s why the browser can’t accept the certificate using https domain/siteworx – because the port # gets inserted either way.

You’re right about editing a file and like John suggested earlier, I believe you can setup a rewrite in your virtualhost file or with an .htaccess file in the domain’s root directory. Sorry, I’m not smart enough about Apache to advise you well on this.

Webmail is different and doesn’t redirect, so you shouldn’t be seeing this same behavior with the webmail URL. If you’re still getting a browser error using https with domain/webmail minus the port #, then something is wrong.

d2d4j · December 22, 2017, 8:25am

Hi sysnop

I?m glad you got it but sorry, I am slow sometimes and I am getting slightly lost sorry

The :2443 is only used for IW-CP login

The redirects are already present in iWorx.ini I think it?s called

These redirects are only for anything ending /nodeworx or /siteworx

Ideally, the redirect server name needs changing to your domain used for logging in to IW-CP, which is usually the FQDN of the server

This then redirects you https://serverdomain:2443/siteworx or /nodeworx as apposed to https://siteworxdomain:2443/siteworx or /nodeworx

The latter would fail on ssl due to wrong ssl cert used by IW-CP

I hope that makes sense sorry and if I have time next week, I?ll post exactly how to do this

Merry Christmas and happy new year

John

bear · December 22, 2017, 8:36am

when I go to https://domain.com/webmail/ it throws a 500 internal server error? that’s why I thought it was incorrect url
using it with the 2443 port works ok

thanks again

Happy Christmas and new year to you both

d2d4j · December 22, 2017, 8:53am

Hi bear

I think sysnop has a better understanding of the issue - I?m slightly busy sorry here - last working day for our clients

What IW version are you using

Are there anything shown in logs to help with error 500

Have you made any changes to apache or iworx files for redirects

I hope you don?t mind me asking but it would help

Many thanks

John

sysnop · December 22, 2017, 9:03am

Sorry again bear, I’m stumped by your 500 error. Something isn’t right about your virtualhost or .htaccess if one exists. If you have an .htaccess try removing it temporarily just to see if the error goes away.

Didn’t you say in a different post that you’re using intoDNS? I’m beginning to wonder if you need to bypass them while troubleshooting. You seem to have separate problems that may or may not be related to your SSL and PTR issues.

sysnop · December 22, 2017, 9:26am

I’m stepping away for the remainder of the weekend. Merry Christmas to John and the Interworx team!

You too bear! and good luck with your server issues. The pieces will fall into place.

d2d4j · December 22, 2017, 9:30am

Hi sysnop

I hope you and your loved ones have a lovely Christmas and happy new year

Hopefully I will not be too long before I finish for a day or two

Kudos to you for htaccess, as I think that maybe the issue perhaps

Many thanks

John

d2d4j · December 22, 2017, 11:57pm

Hi bear

I was thinking about this and it is not a rewrite rule, or it should have taken you to port 2443 when detecting /webmail

htaccess is a place to disable as sysnop states - kudos to sysnop. This could give a 500 error

The other thing I thought of was the proxy settings, which webmail uses

I suspect years ago you implemented a form of proxy or htaccess directive to take /webmail to port 2443

If that is the case, I would suggest you open a support ticket with IW to have a look as it is guess work on our part

If you do, please could you update your post to help others

If you prefer not to open a support ticket, we will continue to help but would need more information from some files

I hope that helps a little and have a lovely Christmas and a happy new year

Many thanks

John

bear · December 23, 2017, 3:12am

Good day to you.
Thanks for all your help, this is a newly installed server/interworx but having a few issues so will open a ticket for support guys to have a look.
I feel there are a few permissions wrong some where, no rush this side of xmas though.

Happy xmas

d2d4j · December 23, 2017, 3:59am

Hi bear

Many thanks

There is a permsfix.pex to correct perms but not knowing your server it is better to IW have a look first.

I do not want to make it worse sorry

Appreciate if you could update once resolved - IW rock and will let you know

Many thanks

John

bear · December 27, 2017, 3:43am

webmail error resolved after support pointed me in the right direction, this module was disabled.
LoadModule proxy_http_module modules/mod_proxy_http.so
re-enabled and webmail now working without an error, strange though as my last server worked ok with that module disabled.