How do I test sites on a new server?

Help
1

I’m not a server guy. I own a few forum based websites that are hosted on a dedicated, managed server. My server guy was able to install Let’s Encrypt SSL certificates for my forums and they have been running on https:// for a good while now without problem.

My server is old though and my server guy has acquired new hardware to host my forum sites. I want to upgrade the forum software on the new hardware before ditching the old server.

Currently DNS points to my sites on the existing (old) server hardware. New hardware is in the rack and I can access them if I modify my hosts file to point to the new IP addresses.

My issue is that when I try to access the sites on the new hardware/IP, my browser throws up connection errors and I’m 99.9% sure it’s because of some issue with the SSL certification.

How can I privately access, test and modify my sites on the new IP address/hardware while the old sites are still public on the existing hardware/IP/DNS? I tried to access them over http: instead of https:, but the forums have https:// paths coded into the database. I don’t see any easy way to unwind the https:// configurations.

Is it possible to edit/update an SSL certification to list two IP addresses as valid? I hope that question even makes sense. I don’t really know how this works.

2

Let's Encrypt TLS certificates don't encode IP addresses in them, it is not allowed. The browser checks the hostname in the address bar with the hostname(s) in the certificate. When those match, all is good. The IP address of the server doesn't matter.

What I didn't get from your post is: did you copy the certificate from the old to the new server?

2 Likes
3

Hi @cwe

your certificate doesn't know something about your ip address. So you can use the same certificate with different ip addresses and different servers.

There are two steps:

  • First, copy privkey.pem / fullchain.pem to the new server and modfiy your vHost, so that vHost uses these files.
  • Second, use my online tool with the ip address and your domain name as hostname ( https://check-your-website.server-daten.de/ ). That's the reason I've added the additional hostname field.

So it's possible to check a new ip address (ipv4 or ipv6), perhaps with a new server without having a DNS A or AAAA record.

If a browser connects t a domain, in reality, the browser does the same: Connecting the ip address and sending the hostname as additional field.

1 Like
4

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.