httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Leif W" <warp-...@usa.net>
Subject Re: [users@httpd] Separate Instances of Apache for SSL/Non-SSL Sites
Date Fri, 05 Sep 2003 19:33:54 GMT
----- Original Message ----- 
From: "Jason P Holland" <jholland@cs.selu.edu>
To: <users@httpd.apache.org>
Sent: Friday, September 05, 2003 11:39 AM
Subject: [users@httpd] Separate Instances of Apache for SSL/Non-SSL Sites


>
> Hello everyone,
>   We are trying to setup a single machine, with a single ip, to host
> multiple ssl and non-ssl based websites.  I'm aware of the limitations of
> that, and thought I could get around it by having 2 instances of apache.
> The first instance would be for the non-ssl websites, and of course, the
> second for ssl enabled sites only.  Each respective instance would be
> using virtual hosts as well.

If you're using multiple SSL sites on one IP you have only two options, both
guided by the fact that you must have a unique IP:port pair for each
SSL-enabled site.  The most elegant IMHO is to use non-standard ports i.e.
4300+.  Search the list archives as I've expounded upon this a few times.
The other option is to use a single secure site, but have the domain as the
first part of the path after the URI.  eg. http://secure.site.com/site2/ .
There's no need to run two instances of Apache.

Leif

> Our machine is running RH9 with apache 2.0.40-21.3.  I've setup the
> following:
>
> for non-ssl based sites, just use the config default files and binary
> /etc/httpd
> /etc/init.d/httpd
> /usr/sbin/httpd
>
> for ssl-based sites, i copied the above files and dirs and modifed so that
> ssl is enabled, and nothing else, including any port changes and things
> that might point to the old httpd binary.  I made a copy of the httpd
> binary as httpd-ssl
> /etc/httpd-ssl
> /etc/init.d/httpd-ssl
> /usr/sbin/httpd-ssl
> /etc/sysconfig/httpd-ssl
>
> I've modified the httpd.conf files so that they respectively startup what
> they need.  I can get the non ssl sites to come up fine, but I cannot seem
> to get the ssl based site to come up
>
> [root@source conf.d]# service httpd-ssl start
> Starting httpd-ssl: (98)Address already in use: make_sock: could not bind
> to address 192.168.1.3:443
> no listening sockets available, shutting down
>                                                            [FAILED]
> [root@source conf.d]#
>
> There is nothing listening on port 443 according to netstat -lnp, so I'm
> baffled as to why there is a problem with apache starting up.  I even
> tried shutting down the non-ssl enabled site, so NO other httpd processes
> are running, and it still won't start up.
>
> Could someone offer some help?  Possibly take a look at my config files,
> or recommend a site to look at?  I've google'd for this, but haven't found
> a solution that works.
>
> This error seems to point to the fact that something is running on that
> port, but as I mentioned, nothing is.  Thanks for any help!
>
> Jason
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message