Aegir 6.x-2.0 refuses to provision a second site and recycle the certificate unless the server has a free IP address. Using SNI I should be able to do this.

(NB: SNI will not work for non-SNI browsers so no IE7+Windows XP or old Android clients.)

The notice and error messages from Aegir when trying to save the site are:

  • Any changes will take effect once the scheduled Verify task has been processed.
  • Task verify was added to the queue. Next queue run is 07:43:12+1300, server time is 07:42:57+1300.
  • cleaning up unused certificate 0 associated with site 1185
  • Site site1.example.org has been updated.

Error:

  • Unable to allocate IP address for certificate, disabling SSL. Allocate more IP addresses to this server then try to enable SSL again.

The check for this is in hosting_ssl_save_key() in web_server/ssl/hosting_ssl.nodeapi.inc, and hosting_ip_allocate() is in server/hosting.ip.inc.

Comments

anarcat’s picture

Title: Remove unique IP per SSL site requirement, permit recycled IPs using SNI » cannot reuse a certificate in 2.0
Priority: Normal » Critical

Clarifying the issue here - we certainly were permitting this in 1.x, and this is a regression.

Note that there's a dev-sni branch in hosting for SNI (#1926520: Support Server Name Indication (SNI) for SSL) which I think may fix the issue. Can you try it out?

Also, please keep SNI implementation discussions in #1926520: Support Server Name Indication (SNI) for SSL.

anarcat’s picture

Title: cannot reuse a certificate in 2.0 » Remove unique IP per SSL site requirement

Actually, reading again the original issue submitted, it seems that this is really about SNI - "Aegir 6.x-2.0 refuses to provision a second site and recycle the certificate unless the server has a free IP address. Using SNI I should be able to do this."

SNI is not currently implemented, see #1926520: Support Server Name Indication (SNI) for SSL.

anarcat’s picture

Status: Active » Closed (duplicate)