Questions on how to setup Reverse DNS in bind 9

Spork Schivago sporkschivago at gmail.com
Thu Jul 21 18:00:40 UTC 2016 

Okay, I do think it was working correctly.   I think that's why I was
getting the ERR_SSL_PROTOCOL_ERROR in Chrome when I went to my site when I
had the second IP address added, but other users weren't.  I think the
users getting the error message in Chrome were pulling the second IP
address from their DNS servers, but the people who successfully could go to
their site where getting the first IP address and could successfully see my
site.

I can try to explain the cPanel / Apache stuff a bit better.   I have an
Apache config file, /usr/local/apache/conf/httpd.conf.    There's a bunch
of comments that say don't edit this file directly.   Use the cPanel
interface or the "templates".   cPanel has these templates and we run a
script to rebuild the config file.   It'll automatically populate it with
stuff like:

<VirtualHost 104.238.117.105:443>

I can tell cPanel which IP address to use but I can't pick both of them.
So Apache doesn't have

On Thu, Jul 21, 2016 at 2:49 AM, Matus UHLAR - fantomas <uhlar at fantomas.sk>
wrote:

> On 20.07.16 21:40, Spork Schivago wrote:
>
>> I don't remember the tools, but I know that the way cPanel handles stuff
>> with Apache, it broke my website for me.   Using the cPanel / WHM
>> interface, I could tell Apache to listen on one IP or the other, not both,
>> unfortunately.   Some people (my wife's cell for instance) could make it
>> to
>> my site, but on her laptop, I could not.   I believe this is because I
>> redirect everything to port 443 and the SSL certs were setup for the first
>> IP, not the second.
>>
>
> huh? SSL certs should be created with required hostname, e.g.
> franklin.jetbbs.com in CommonName - not the IPs.
> you just need transfer both public and private keys to other server...
> just watch out if you don't make the private key available to others.
>
>   I believe when I assigned the second IP address to
>> the A record jetbbs.com, sometimes I'd go to the first IP and Apache
>> would
>> pick it up, other times, I'd go to the second IP and Apache wouldn't know
>> how to handle it.   Maybe it was because the SSL certs were created when I
>> only had the one IP, I don't know.   But it really messed things up and I
>> had to remove the second IP again.   I think if I manually edited the
>> httpd.conf file and regenerated the SSL certs, things might have started
>> working.
>>
>
> this is your problem. don't generate ssl keys when adding IPs.
>
>
> --
> Matus UHLAR - fantomas, uhlar at fantomas.sk ; http://www.fantomas.sk/
> Warning: I wish NOT to receive e-mail advertising to this address.
> Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
> We are but packets in the Internet of life (userfriendly.org)
>
> _______________________________________________
> Please visit https://lists.isc.org/mailman/listinfo/bind-users to
> unsubscribe from this list
>
> bind-users mailing list
> bind-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/bind-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20160721/57c27091/attachment.html>

More information about the bind-users mailing list