{
my $status = $roundcube{'status'} || "disabled";
if (($port eq "80") ){
    $OUT = <<"_EOL";
        # PORT FORWARD FROM 80 TO: 443
        ServerName  $virtualHost
_EOL

    $OUT .= <<_EOL;
        ServerAlias
        SSLProxyEngine On
        RewriteEngine on
        RewriteCond %\{REQUEST_URI\} !^/.well-known/acme-challenge [NC]
        RewriteCond %\{HTTPS\} off
        RewriteRule ^/(.*) https://%\{HTTP_HOST\}/$1 [NC,R,L]
_EOL

}
else {

    use esmith::DomainsDB;
    my $domains = esmith::DomainsDB->open_ro;
    my $ssl_file_crt = $domains->get_prop($virtualHost, "DomainSSLCertificateFile") || "disabled";
    my $ssl_file_key = $domains->get_prop($virtualHost, "DomainSSLCertificateKeyFile") || "disabled";
    my $ssl_file_chain = $domains->get_prop($virtualHost, "DomainSSLCertificateChainFile") || "disabled";
    my $DocRoot = "/usr/share/roundcubemail/public_html";

    $OUT = <<"_EOL";
    ServerName $VirtualHost
    DocumentRoot  $DocRoot
    SSLEngine On
    SSLCompression off
_EOL

    $OUT .= "    SSLCertificateFile $ssl_file_crt\n" unless $ssl_file_crt eq 'disabled';
    $OUT .= "    SSLCertificateChainFile $ssl_file_chain\n" unless $ssl_file_chain eq 'disabled';
    $OUT .= "    SSLCertificateKeyFile $ssl_file_key\n" unless ( $ssl_file_key eq 'disabled' || ! -e $ssl_file_chain );

}

