Support

ulises · #1 01-19-2009, 05:23 AM

Hi

I hope you guys can help me on this one

I'm running litespeed Load balancer and I'm having problems setting up 2 diferents listeners with SSL

What i have

2 virtual host -- one site on each

1 Default listener -- with the 2 VH mapped on port 80

and i have created 2 diferents secure listeners to run on port 443 and each listener will have their own SSL CERT; however, Litespeed wont let me to run to listener at the time

I got this error

Code:

2009-01-19 03:03:01.003	ERROR	HttpListener::start(): Can't listen at address ssl-login: Address already in use!
2009-01-19 03:03:01.003	ERROR	HttpServer::addListener(ssl-login) failed to create new listener
2009-01-19 03:03:01.003	ERROR	[config:server:listener:ssl-login] failed to start SSL listener on address *:443!

how can I solve this? -- i need to difenrets sites running its own SSL CERT

mistwang · #2 01-19-2009, 06:40 AM

You need two IPs, and create SSL listener for each individual IP instead of "*:443".

ulises · #3 01-19-2009, 07:06 AM

thanks for your reply

I actually thought that and tried but got the same results

I have two IPs in the LB server

1.2.3.200 -- this is the main IP for the LB server eth0

1.2.3.201 -- this would be eh0:1

I assigned 1.2.3.200 to SSL listener # 1 and works

I assigned 1.2.3.201 to SSL listener # 2 but still get the same error

Code:

2009-01-19 05:01:26.168	ERROR	HttpListener::start(): Can't listen at address ssl-reports: Address already in use!
2009-01-19 05:01:26.168	ERROR	HttpServer::addListener(ssl-reports) failed to create new listener
2009-01-19 05:01:26.168	ERROR	[config:server:listener:ssl-reports] failed to start SSL listener on address 1.2.3..201:443!

do i need to add another IP -- so the SSL's listeners wont use the main IP?

mistwang · #4 01-19-2009, 08:38 AM

For first listener, you have to change it from "*:443" to "1.2.3.200:443"

ulises · #5 01-19-2009, 08:41 AM

yes, I do have it that way

Code:

Running                  ssl-1	      1.2.3.200:443	[vh.com] www.domain1.com domain.com
Error	                      ssl-2	      1.2.3.201:443	N/A

mistwang · #6 01-19-2009, 08:48 AM

Please PM me the login to the web console, I can take a look.

mistwang · #7 01-19-2009, 08:50 AM

I think you need to stop it from command line, the start it again.
no to use "restart" from command line or web console.
Make sure the second IP does exist.

ulises · #8 01-19-2009, 08:57 AM

restaring from command line did it

thx man.

ulises · #9 01-19-2009, 09:03 AM

now i have some other strange problem

site-1 is working ok... however, site-2 seems to be reading the site-1's cert file eventhough the path is correct $SERVER_ROOT/ssl/site-2.crt

I have no errors nor warnings

any ideas?

mistwang · #10 01-19-2009, 09:06 AM

make sure site-1.crt and site-2.crt are not identical.