Tag: secure

nopCommerce is an open-source e-commerce platform that allows users to create and manage their online stores. It is built on the ASP.NET Core framework and supports multiple database systems, including MySQL, Microsoft SQL Server, and PostgreSQL as it’s backend. The platform is highly customizable and offers a wide range of features, including product management, order processing, shipping, payment integration, and customer management. nopCommerce is a popular choice for businesses of all sizes because of its flexibility, scalability, and user-friendly interface.
In this tutorial, we will guide you through the process of installing nopCommerce on Ubuntu Linux with Nginx reverse proxy and SSL.

Register Microsoft key and feed
To register the Microsoft key and feed, launch the terminal and execute these commands:

1. Download the packages-microsoft-prod.deb file by running the command:

wget https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb -O packages-microsoft-prod.deb

2. Install the packages-microsoft-prod.deb package by running the command:

sudo dpkg -i packages-microsoft-prod.deb

Install the .NET Core Runtime
To install the .NET Core Runtime, perform the following steps:

1. Update the available product listings for installation by running the command:

sudo apt-get update

2. Install the .NET runtime by running the command:

sudo apt-get install -y apt-transport-https aspnetcore-runtime-7.0

To determine the appropriate version of the .NET runtime to install, you should refer to the documentation provided by nopCommerce, which takes into account both the version of nopCommerce you are using and the Ubuntu OS version. Refer to the link below:

https://learn.microsoft.com/en-us/dotnet/core/install/linux-ubuntu
https://learn.microsoft.com/en-us/dotnet/core/install/linux-ubuntu#supported-distributions

3. Verify the installed .Net Core runtimes by running the command:

dotnet --list-runtimes

4. Install the libgdiplus library:

sudo apt-get install libgdiplus

libgdiplus is an open-source implementation of the GDI+ API that provides access to graphic-related functions in nopCommerce and is required for running nopCommerce on Linux.

Install MySql Server
Latest nopCommerce support latest MySQL and MariaDB versions. We will install the latest MariaDB 10.6.

1. To install mariadb-server for nopCommerce, execute the following command in the terminal:

sudo apt-get install mariadb-server

2. After installing MariaDB Server, you need to set the root password. Execute the following command in the terminal to set the root password:

sudo /usr/bin/mysql_secure_installation

This will start a prompt to guide you through the process of securing your MySQL installation and setting the root password.

3. Create a database and User. We will use these details while installing nopCommerce. Replace the names of the database and the database user accordingly.

mysql -u root -p
create database  nopCommerceDB;
grant all on nopCommerceDB.* to nopCommerceuser@localhost identified by 'P@ssW0rD';

Please replace the database name, username and password accordingly.

4. Reload privilege tables and exit the database.

flush privileges;
quit;

Install nginx

1. To install Nginx, run the following command:

sudo apt-get install nginx

2. After installing Nginx, start the service by running:

sudo systemctl start nginx

3. You can verify the status of the service using the following command:

sudo systemctl status nginx

4. Nginx Reverse proxy configuration
To configure Nginx as a reverse proxy for your nopCommerce application, you’ll need to modify the default Nginx configuration file located at /etc/nginx/sites-available/nopcommerce.linuxwebhostingsupport.in. Open the file in a text editor and replace its contents with the following:

server {

    server_name nopcommerce.linuxwebhostingsupport.in;

	listen 80;
    listen [::]:80;


  location / {
    proxy_pass         http://localhost:5000;
    proxy_http_version 1.1;
    proxy_set_header   Upgrade $http_upgrade;
    proxy_set_header   Connection keep-alive;
    proxy_set_header   Host $host;
    proxy_cache_bypass $http_upgrade;
    proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header   X-Forwarded-Proto $scheme;
    }

}

You need to replace nopcommerce.linuxwebhostingsupport.in with your domain name
5. Enable the virtual host configuration file:
Enable the server block by creating a symbolic link in the /etc/nginx/sites-enabled directory:
sudo ln -s /etc/nginx/sites-available/nopcommerce.linuxwebhostingsupport.in /etc/nginx/sites-enabled/

6. Reload Nginx for the changes to take effect:

sudo systemctl reload Nginx

Install NopCommerce

In this example, we’ll use /var/www/nopCommerce for storing the files.

1. Create a directory:

sudo mkdir /var/www/nopCommerce

2. Navigate to the directory where you want to store the nopCommerce files, Download and unpack nopCommerce:

cd /var/www/nopCommerce
sudo wget https://github.com/nopSolutions/nopCommerce/releases/download/release-4.60.2/nopCommerce_4.60.2_NoSource_linux_x64.zip
sudo apt-get install unzip
sudo unzip nopCommerce_4.60.2_NoSource_linux_x64.zip

3. Create two directories that nopCommerce needs to run properly:

sudo mkdir bin
sudo mkdir logs

4. Change the ownership of the nopCommerce directory and its contents to the www-data group:

sudo chown -R www-data.www-data  /var/www/nopCommerce/

www-data is the user Nginx webserver runs.

Create the nopCommerce service

1. Create a file named nopCommerce.service in the /etc/systemd/system directory with the following content:

[Unit]
Description=Example nopCommerce app running on Xubuntu

[Service]
WorkingDirectory=/var/www/nopCommerce
ExecStart=/usr/bin/dotnet /var/www/nopCommerce/Nop.Web.dll
Restart=always
# Restart service after 10 seconds if the dotnet service crashes:
RestartSec=10
KillSignal=SIGINT
SyslogIdentifier=nopCommerce-example
User=www-data
Environment=ASPNETCORE_ENVIRONMENT=Production
Environment=DOTNET_PRINT_TELEMETRY_MESSAGE=false

[Install]
WantedBy=multi-user.target

2. Start the nopCommerce service by running:

sudo systemctl start nopCommerce.service

3. To check the status of the nopCommerce service, use the following command:

sudo systemctl status nopCommerce.service

Also, check if the service is running on port 5000

sudo lsof -i:5000

4. After that, restart the nginx server:

sudo systemctl restart nginx

Now that the prerequisites are installed and configured, you can proceed to install and set up your nopCommerce store.

Install nopCommerce
After completing the previous steps, you can access the website through the following URL: http://nopcommerce.linuxwebhostingsupport.in. Upon visiting the site for the first time, you will be automatically redirected to the installation page as shown below:

Provide the following information in the Store Information panel:

Admin user email: This is the email address of the first administrator for the website.

Admin user password: You must create a password for the administrator account.

Confirm password: Confirm the admin user password.

Country: Choose your country from the dropdown list. By selecting a country, you can configure your store with preinstalled language packs, preconfigured settings, shipping details, VAT settings, currencies, measures, and more.

Create sample data: Check this box if you want sample products to be created. It is recommended so that you can start working with your website before adding your own products. You can always delete or unpublish these items later.

In the Database Information panel, you will need to provide the following details:

Database: Select either Microsoft SQL Server, MySQL, or PostgreSQL. Since, we are installing nopCommerce on Linux and MariaDB, choose the MySQL.

Create database if it doesn’t exist: We recommend creating your database and database user ahead of time to ensure a successful installation. Simply create a database instance and add the database user to it. The installation process will create all the tables, stored procedures, and more. Uncheck this option since we can use the database and database user we created earlier.

Enter raw connection string (advanced): Select this option if you prefer to enter a Connection string instead of filling the connection fields. For now, leave this unchecked

Server name: This is the IP, URL, or server name of your database. Use “localhost”.

Database name: This is the name of the database used by nopCommerce. Use the database we created earlier.

Use integrated Windows authentication: Leave it unchecked

SQL Username: Enter your database user name we created earlier.

SQL Password: Use your database user password we used earlier.

Specify custom collation: Leave this advanced setting empty.

Click on the Install button to initiate the installation process. Once the installation is complete, the home page of your new site will be displayed. Access your site from the following URL: http://nopcommerce.linuxwebhostingsupport.in.

Note:
You can reset a nopCommerce website to its default settings by deleting the appsettings.json file located in the App_Data folder.

Adding and Securing the nopCommerce
We will be using Let’s Encrypt to add free and secure SSL certificate.
Let’s Encrypt is a free, automated, and open certificate authority that allows you to obtain SSL/TLS certificates for your website. Certbot is a command-line tool that automates the process of obtaining and renewing these certificates, making it easier to secure your website with HTTPS.

Here are the steps to install SSL with Certbot Nginx plugins:

1.Install Certbot: First, make sure you have Certbot installed on your server. You can do this by running the following command:

sudo apt-get update
sudo apt-get install certbot python3-certbot-nginx

2. Obtain SSL Certificate: Next, you need to obtain an SSL certificate for your domain. You can do this by running the following command:
sudo certbot –nginx -d yourdomain.com

Replace yourdomain.com with your own domain name. This command will automatically configure Nginx to use SSL, obtain a Let’s Encrypt SSL certificate and set an automatic redirect from http to https.

3.Verify SSL Certificate: Once the certificate is installed, you can verify it by visiting your website using the https protocol. If the SSL certificate is valid, you should see a padlock icon in your browser’s address bar.

4. Automatic Renewal: Certbot SSL certificates are valid for 90 days. To automatically renew your SSL certificate before it expires, you can set up a cron job to run the following command:

sudo certbot renew --quiet

This will check if your SSL certificate is due for renewal and automatically renew it if necessary.

5. nopCommerce also recommend turning “UseProxy setting to true in the appsettings.json file located in the App_Data folder if we are using SSL. So change this value too.

nopCommerce is a popular open-source e-commerce platform that offers users a flexible and scalable solution for creating and managing online stores. In this tutorial, we provided a step-by-step guide for installing and configuring nopCommerce on Ubuntu Linux with Nginx reverse proxy and SSL. We covered the installation of Microsoft key and feed, .NET Core Runtime, MySQL server, and Nginx reverse proxy. We also discussed how to configure Nginx as a reverse proxy for the nopCommerce application. By following this tutorial, you can set up a secure and reliable nopCommerce e-commerce store on Ubuntu Linux.

How to install SSL with Apache on Ubuntu

By wahab

On June 4, 2022

In Uncategorized

In today’s world of online business and communication, security is more important than ever. One essential aspect of website security is SSL (Secure Sockets Layer), a protocol that encrypts data sent between a web server and a user’s web browser. By using SSL, website owners can protect their users’ personal information from being intercepted or stolen by hackers.

In this tutorial, we’ll walk you through the steps to install and secure your website with SSL on Ubuntu 22.04 using Apache2. By the end of this guide, you’ll have a secure, encrypted connection between your web server and your users’ browsers, helping to ensure their safety and privacy.

Section 1: Installing Apache2 on Ubuntu 22.04

Apache2 is a popular open-source web server software that plays a crucial role in hosting websites on the internet. In this section, we will walk through the process of installing Apache2 on Ubuntu 22.04.

Step 1: Update the Package List
Before installing any new software, it’s always a good idea to update the package list to ensure you are installing the latest version of the software. To update the package list, open the terminal on Ubuntu 22.04 and run the following command:

sudo apt update

Step 2: Install Apache2
Once the package list is updated, you can proceed with installing Apache2 by running the following command:

sudo apt install apache2

This command will download and install Apache2 along with all its dependencies. During the installation process, you will be prompted to confirm the installation by typing y and pressing Enter.

Enable and Start the Apache2 service

sudo systemctl enable apache2
sudo systemctl start  apache2

Step 3: Verify Apache2 Installation
To test if Apache2 is working correctly, open a web browser and enter your server’s IP address or domain name in the address bar. You should see the default Apache2 web page.

I hope that helps! Let me know if you have any questions or suggestions for the blog post.
If Apache2 is installed correctly, you should see a page that says “Apache2 Ubuntu Default Page”.

Congratulations, you have successfully installed Apache2 on Ubuntu 22.04! In the next section, we will proceed with securing the web server by enabling SSL.

If you encounter any issues like Connection timeout or Unable to reach the website during the verification process, one possible cause could be that the Ubuntu firewall is blocking Apache2 traffic.

To check if Apache2 is currently enabled in the firewall, you can use the following command:

sudo ufw status

If the output shows that the firewall is active and Apache2 is not listed as an allowed service, you can add it by running the following command:

sudo ufw allow 'Apache Full'

This will allow both HTTP (port 80) and HTTPS (port 443) traffic to pass through the firewall, ensuring that your website is accessible to visitors.

Section 2: Installing SSL Certificate on Ubuntu 22.04 with Apache2

There are different types of SSL certificates, including domain validated, organization validated, and extended validation certificates. Each type has different features and provides varying levels of trust and security.

To install an SSL certificate on Ubuntu 22.04 with Apache2, you’ll need to follow these steps:

Obtain an SSL certificate: You can purchase an SSL certificate from a certificate authority (CA) or obtain a free SSL certificate from Let’s Encrypt. If you already have an SSL certificate, make sure it is valid and up-to-date.

Configure Apache2 to use the SSL certificate: Apache2 needs to be configured to use the SSL certificate for secure communication. This involves creating a virtual host for the SSL-enabled website, specifying the SSL certificate and key files, and enabling SSL encryption.

You can read more about different SSL certificate types, the process to create a Certificate signing request(CSR), etc in the below blog post:

SSL Certificates: What They Are and Why Your Website Needs Them

Here are the steps for creating and configuring virtual hosts for Apache on Ubuntu 22.04:

1. Create a new virtual host configuration file:

sudo nano /etc/apache2/sites-available/linuxwebhostingsupport.in.conf

Add the following configuration to the file, replacing linuxwebhostingsupport.in with your own domain name:

<VirtualHost *:80>
    ServerAdmin admin@linuxwebhostingsupport.in
    ServerName linuxwebhostingsupport.in
	ServerAlias www.linuxwebhostingsupport.in
    DocumentRoot /var/www/html/linuxwebhostingsupport.in/html

    <Directory /var/www/html/linuxwebhostingsupport.in/html>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/linuxwebhostingsupport.in_error.log
    CustomLog ${APACHE_LOG_DIR}/linuxwebhostingsupport.in_access.log combined
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin admin@linuxwebhostingsupport.in
    ServerName linuxwebhostingsupport.in
	ServerAlias www.linuxwebhostingsupport.in
    DocumentRoot /var/www/html/linuxwebhostingsupport.in/html

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/linuxwebhostingsupport.in.crt
    SSLCertificateKeyFile /etc/ssl/private/linuxwebhostingsupport.in.key
    SSLCertificateChainFile /etc/ssl/certs/linuxwebhostingsupport.in_cabundle.crt

    <Directory /var/www/html/linuxwebhostingsupport.in/html>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    ErrorLog ${APACHE_LOG_DIR}/linuxwebhostingsupport.in_error.log
    CustomLog ${APACHE_LOG_DIR}/linuxwebhostingsupport.in_access.log combined
</VirtualHost>

Note: replace the paths to SSL certificate files with your own paths.

2. Enable the virtual host configuration file:

sudo a2ensite linuxwebhostingsupport.in.conf

3. Create the documentroot
Run the following command to create the directory:

sudo mkdir -p /var/www/html/linuxwebhostingsupport.in/html

4. Create an HTML file named index.html in the new directory by running the following command:

sudo nano /var/www/html/linuxwebhostingsupport.in/html/index.html

This will open a text editor. Add the following code to the file:

<html>
    <head>
        <title>Hello, world!</title>
    </head>
    <body>
        <h1>Hello, world!</h1>
        <p>Welcome to my website!</p>
    </body>
</html>

5. Reload Apache for the changes to take effect:

sudo systemctl reload apache2

Section 3: Testing SSL on Ubuntu 22.04 with Apache2

Test your SSL configuration by visiting your domain in a web browser and verifying that the SSL certificate is valid and the website loads correctly over HTTPS. The browser should display a padlock icon and the connection should be secure

You can also use the online tools like https://www.sslshopper.com/ssl-checker.html to check the configuration further. It can show if there any issues with certificate chain or trust.

Section 4. Troubleshooting SSL on Ubuntu 22.04 with Apache2

1. Certificate errors: If you encounter a certificate error, such as a warning that the certificate is not trusted or has expired, check the certificate’s validity and ensure it’s installed correctly. You can check the certificate’s details using your web browser, and make sure it matches the domain name and other relevant details.

2. Mixed content warnings: If you see mixed content warnings, which indicate that some parts of the site are not secure, check for any resources that are still being loaded over HTTP instead of HTTPS. This can include images, scripts, and other files.

3. SSL handshake errors: If you see an SSL handshake error, this usually means there’s an issue with the SSL configuration. Check your Apache configuration files and make sure the SSL directives are properly set up. You can also check for any issues with the SSL certificate, such as an invalid or mismatched domain name.

4. Server configuration errors: If the SSL certificate is working properly, but the site is still not loading over HTTPS, check your server configuration files to make sure the VirtualHost configuration is correct. Make sure the correct SSL certificate and key files are specified and that the SSL directives are set up correctly.

5. Browser-specific issues: If you’re only experiencing SSL issues in a specific web browser, make sure the browser is up to date and try clearing the cache and cookies. You can also try disabling any browser extensions that may be interfering with the SSL connection.

Remember, troubleshooting SSL issues can be complex and may require some technical expertise. If you’re not comfortable with these steps or need additional help, it’s always a good idea to consult with a professional. You can contact me at admin @ linuxwebhostingsupport.in

Section 5: Best Practices for SSL Configuration on Ubuntu 22.04 with Apache2

Here are some tips and best practices for configuring SSL on Ubuntu 22.04 with Apache2:

1. Keep SSL certificates up to date: Make sure to renew your SSL certificates before they expire. This can be done through the certificate authority where you purchased the certificate. Keeping your SSL certificates up to date will ensure that your website visitors are not presented with security warnings or errors.

2. Configure Apache2 for HTTPS-only access: Configure your web server to only serve HTTPS traffic. This can be done by redirecting all HTTP traffic to HTTPS. To do this, add the following lines to your Apache virtual host configuration or. htaccess file:

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]

3. Use secure ciphers and protocols: Use secure ciphers and protocols to protect the confidentiality and integrity of your website traffic. Disable weak ciphers and protocols such as SSLv2 and SSLv3. Use TLSv1.2 or higher, and prefer the use of forward secrecy. You can configure this in your Apache virtual host configuration file by adding the following lines:

SSLProtocol -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 +TLSv1.2
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
SSLHonorCipherOrder on

You can find more detailed instruction on making your SSL configuration strong and best practices in the below post:

Strong TLS/SSL Security on your server

By following these best practices, you can ensure that your SSL configuration is secure and up to date.

Section 6. Summary

In this tutorial, we discussed how to install and configure SSL certificates on Ubuntu 22.04 with Apache2. We covered the different types of SSL certificates, the steps for obtaining and installing an SSL certificate, and how to configure Apache2 to use the SSL certificate. We also discussed how to create virtual hosts for both SSL and non-SSL sites and how to troubleshoot SSL issues.

It’s important to emphasize the importance of SSL for website security and user trust. SSL encryption helps protect sensitive information, such as passwords and credit card numbers, from being intercepted by attackers. Additionally, having a valid SSL certificate gives users confidence that they are interacting with a legitimate website and not an imposter.

To follow best practices for SSL configuration, it’s recommended to keep SSL certificates up to date, configure Apache2 for HTTPS-only access, and use secure ciphers and protocols. By following these best practices, website owners can help ensure the security and trustworthiness of their website.

Password protect phpMyAdmin through CentOS Web panel(CWP)

By wahab

On May 16, 2018

In Linux server

phpMyAdmin is installed with CentOS Web Panel. By default, it is not protected and there is only MySQL user authentication. This can put your server vulnerable. So it is recommended to add additional layer protection.

phpMyAdmin is available through the following url in a CWP based server.

http:/hostname/phpmyadmin
http:/hostname:2030/pma

CWP panel runs its core services through its own version of Nginx. So normal htaccess based password protection will not work.

Create the Password File

You can do this by using the OpenSSL utilities that may already be available on your server. Alternatively, you can use the purpose-made htpasswd utility included in the apache2-utils package(Debian/ubuntu) or httpd-tools(Redhat/Centos).

Using OpenSSL Utilities

We will create a hidden file called .pma_pass /usr/local/cwpsrv/var/services/ folder. You can use any username. I am using dbadmin here as an example

sudo sh -c "echo -n 'dbadmin:' >> /usr/local/cwpsrv/var/services/.pma_pass"

Next, add an encrypted password entry for the username by typing:

sudo sh -c "openssl passwd -apr1 >> /usr/local/cwpsrv/var/services/.pma_pass"

Using Apache Utilities

This tool is already installed and available on all CWP servers.

/usr/local/apache/bin/htpasswd -c /usr/local/cwpsrv/var/services/.pma_pass dbadmin

Configure Nginx Password Authentication

We will need to configure Nginx to read this file before serving our protected content.
CWP Service Nginx configuration file: /usr/local/cwpsrv/conf/cwp_services.conf

Open the above file add the following to the location block of phpMyAdmin.

auth_basic “Admin Login”;
auth_basic_user_file /usr/local/cwpsrv/var/services/pma_pass;

So the full block should look like this now.

location /pma {
    root /usr/local/cwpsrv/var/services;
    index  index.html index.htm index.php;
    ModSecurityEnabled off;
    ModSecurityConfig /usr/local/cwpsrv/conf/security/conf/pma_rules.conf;

    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_read_timeout 600;
        fastcgi_pass    unix:/usr/local/cwp/php71/var/sockets/cwpsvc.sock;
        fastcgi_index   index.php;
        fastcgi_param   SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        fastcgi_param   SCRIPT_NAME   $fastcgi_script_name;
        include                 fastcgi_params;
    }

    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        access_log    off;
        log_not_found    off;
        expires 1M;
    }

       auth_basic "Admin Login";
       auth_basic_user_file /usr/local/cwpsrv/var/services/.pma_pass;
}

Restart CWP nginx service by below commands

systemctl restart cwpsrv.service

Confirm the Password Authentication

To confirm that your content is protected, try to access your restricted content in a web browser. You should be presented with a username and password prompt

Apache: Multiple SSL websites on a single IP address

By wahab

On July 2, 2013

In Cpanel and WHM, Linux server, Plesk

Apache: Multiple SSL websites on a single IP address

Update: This is a new update from a cPanel Tech
“There is nothing to enable. As long as you are using cPanel & WHM version 11.38 on CentOS, RHEL, or CloudLinux version 6 or newer, SNI works out of the box”.

One of the frustrating limitations in supporting secure websites has been the inability to share IP addresses among SSL websites.
When website administrators and IT personnel are restricted to use a single SSL Certificate per socket (combination of IP Address and socket) it can cost a lot of money. Well we can actually share IP addresses for multiple secure websites. Solving this limitation required an extension to the Transport Layer Security (TLS) protocol that includes the addition of what hostname a client is connecting to when a handshake is initiated with a web server. The name of the extension is Server Name Indication (SNI). SNI is supported in Apache v2.2.12 , and OpenSSL v0.9.8j or later.

With SNI, you can have many virtual hosts sharing the same IP address and port, and each one can have its own unique certificate

Prerequisites to use SNI

Use OpenSSL 0.9.8f or later
Build OpenSSL with the TLS Extensions option enabled (option enable-tlsext; OpenSSL 0.9.8k and later has this enabled by default).
Apache must have been built with that OpenSSL (./configure –with-ssl=/path/to/your/openssl). In that case, mod_ssl will automatically detect the availability of the TLS extensions and support SNI.
Apache must use that OpenSSL at run-time, which might require setting LD_LIBRARY_PATH or equivalent to point to that OpenSSL, maybe in bin/envvars. (You’ll get unresolved symbol errors at Apache startup if Apache was built with SNI but isn’t finding the right openssl libraries at run-time.)

Setting up SNI with Apache

The configuration is pretty simple and straight forward, though I recommend making a backup of your existing httpd.conf file before proceeding.

# Ensure that Apache listens on port 443
Listen 443

# Listen for virtual host requests on all IP addresses
NameVirtualHost *:443

# Go ahead and accept connections for these vhosts
# from non-SNI clients
SSLStrictSNIVHostCheck off

# Because this virtual host is defined first, it will
# be used as the default if the hostname is not received
# in the SSL handshake, e.g. if the browser doesn't support
# SNI.
DocumentRoot /www/example2
ServerName www.linuxwebhostingsupport.in

# Other directives here
SSLEngine On
SSLCertificateFile /path/to/linuxwebhostingsupport.in.crt
SSLCertificateKeyFile /path/to/linuxwebhostingsupport.in.key
SSLCertificateChainFile /path/to/CA.crt

DocumentRoot /www/example2
ServerName www.abdulwahabmp.co.in

# Other directives here
SSLEngine On
SSLCertificateFile /path/to/abdulwahabmp.co.in.crt
SSLCertificateKeyFile /path/to/abdulwahabmp.co.in.key
SSLCertificateChainFile /path/to/CA.crt

That it!!!. Just restart APache service. Now go and check your Websites using https. That should be working.

Plesk support SNI from 10.2.x version onwards.

SNI will work on following Operating systems out of box

OpenSuSE Linux 11.3 or later.
Ubuntu Linux 10.4 or later.
Debian Linux 6.0 or later.
RedHat Linux 6.0 or later.
CentOS Linux 60.0 or later

Supported Desktop Browsers
Internet Explorer 7 and later
Firefox 2 and later
Opera 8 with TLS 1.1 enabled
Google Chrome:
Supported on Windows XP on Chrome 6 and later
Supported on Vista and later by default
OS X 10.5.7 in Chrome Version 5.0.342.0 and later
Chromium 11.0.696.28 and later
Safari 2.1 and later (requires OS X 10.5.6 and later or Windows Vista and later).
Note: No versions of Internet Explorer on Windows XP support SNI

Empowering you with the knowledge to master Linux web hosting, DevOps and Cloud

Tag: secure

How to Install nopCommerce on Ubuntu Linux with Nginx Reverse Proxy and SSL: Step-by-Step Guide

How to install SSL with Apache on Ubuntu

Section 1: Installing Apache2 on Ubuntu 22.04

Section 2: Installing SSL Certificate on Ubuntu 22.04 with Apache2

Section 3: Testing SSL on Ubuntu 22.04 with Apache2

Section 4. Troubleshooting SSL on Ubuntu 22.04 with Apache2

Section 5: Best Practices for SSL Configuration on Ubuntu 22.04 with Apache2

Section 6. Summary

Password protect phpMyAdmin through CentOS Web panel(CWP)

Apache: Multiple SSL websites on a single IP address