SNI for https client domains on port 2222

Version 1.59

Feature
Finished

Feature to add SNI support into DirectAdmin (not referring to apache's https connections on 443 which is already supported) This refers to connections made to 2222 where, once working, any domain which has a valid certificate on the server should be able to connect to: https://www.clientdomain.com:2222 even if it's not setup in the cert setting for 2222 in the directadmin.conf. Current, the only workaround is to create a multi-domain cert on the hostname: https://help.directadmin.com/item.php?id=645 which DA will then use, but this is not SNI, as all listed domains exist within this 1 certificate. You would need to disable the: force_hostname= setting from the directadmin.conf and restart directadmin. ---- The ssl_redirect_host='s behavior is now slightly different, in that if http is used to connect to the https in DA, the host header is now able to be sorted out (even though openssl ate some of the request during the handshake) where if a cert/key exists for the http://clientdomain.com:2222, the redirect will go to https://clientdomain.com:2222. However, if there is not a cert, it will go to the ssl_redirect_host= value. Compile time: Sept 10 ~15:30+ ---- This feature makes use of the file: /etc/virtual/snidomains which is filled when: mail_sni=1 is enabled. It's automatically updated when new certs are added or changed.

Related Links

Interested to try DirectAdmin? Get a 30-day Free Trial!