Note

You are viewing the documentation for an older release of Interworx (8.0). To see documentation for the current generally available release of Interworx, click here: 8.2.

How To: Avoid SSL Cert Mismatches When Accessing SiteWorx

There are two Apache instances on InterWorx servers:

  • The internal Apache instance for the InterWorx GUI, which manages port 2443

  • The server-level Apache instance, which manages port 80 and 442

The SSL certificate for the internal Apache instance , which covers port 2443, can only apply to a single domain. This is most commonly the hostname of the server.

The SSL certificate for a SiteWorx domain only covers port 443.

Because of this difference, when accessing SiteWorx using the domain instead of the hostname, it is common, and expected, to receive an SSL certificate mismatch message in the browser.

This is true when accessing via both https://domain.com/siteworx and https://domain.com:2443/siteworx, since the former redirects to the latter.

This is because the domain is not covered by the internal Apache instance SSL certificate for port 2443. Only the hostname is covered by that SSL certificate. And the domain-level SSL certificate does not cover port 2443.

One recommended way to mitigate this is to have customers access SiteWorx using the hostname instead of their domain– instead of accessing via https://domain.com/siteworx or https://domain.com:2443/siteworx, they instead use https://hostname.com/siteworx or https://hostname.com:2443/siteworx.

Another way to mitigate this, is to set up a redirect so that accessing via https://domain.com/siteworx or https://domain.com:2443/siteworx will automatically redirect to https://hostname.com:2443/siteworx.

To Set Up the Redirect From https://domain.com/siteworx to https://hostname.com:2443/siteworx

  1. Log in to the server at the command line as root, either via SSH or from the terminal

  2. At the CLI, navigate to /etc/httpd/conf.d

    cd /etc/httpd/conf.d

  3. Using a text editor, create a new file 10-iworx.conf. The following uses the Vim text editor

    vim 10-iworx.conf

  4. Add the following, replacing {hostname.com} with the hostname of the server:

    RewriteEngine on
RewriteRule ^/siteworx(/)?$ https://{hostname.com}:2443/siteworx/\?domain=%{HTTP_HOST} [R,L]
RewriteRule ^/nodeworx(/)?$ https://{hostname.com}:2443/nodeworx/ [R,L]

  5. Save the file and exit the text editor

  6. Restart Apache

    systemctl restart httpd