httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joey Hewitt <>
Subject Re: [users@httpd] ip aliases and vhosts
Date Sun, 16 May 2004 02:39:55 GMT
Quoting Mark Lowe <>:

> Thats pretty much what i do in terms of rewriting the scheme. I have
> everything working but I was mapping everything to the real ip of the
> server rather than ip aliases. This is also a problem if I need 1 than
> 1 ssl certificate being served from the same box.
> I tried adding the port to the ip in the VirtualHost but no joy.
> I think its lower level that apache, and I need to configure the
> routing of these ip's. The other possibility I guess is dns stuff,
> which i'll also look into. But both seem fit for another list.
> Thanks Mark
> On 14 May 2004, at 23:15, Noel Leistad wrote:
> > The following worked for me, could be we'll both get better ideas,
> > but...
> >
> > Site ALWAYS shows up secure.
> >
> > Followed instructions from CA when they sent the cert.
> >
> > HTH,
> > Noel Leistad
> >
> >> NameVirtualHost
> >> NameVirtualHost
> >> <VirtualHost>
> > <Virtual Host>
> >>     ServerName
> > Redirect /
> >> ..
> >> </VirtualHost>
> >> <VirtualHost>
> > <VirtualHost>
> >>     ServerName
> > SSLEngine On
> > SSLCertificateFile ...
> > SSLCertificateKeyFile ...
> >> ..
> >> </VirtualHost>

I helped Darryl Cook with a similar problem the other day on this list.  See for
what helped him.  In summary, I think the trick is to have two NameVirtualHost
directives, one on port http and the other on https, and to list your
<VirtualHost>'s for each port underneath its corresponding NameVirtualHost. 
Check the thread linked above and my own config file at the link provided in
the above post for details.

Note that I wasn't aware of IP aliasing like you're doing, and maybe it's a
better idea than what I've done.  I'm still wondering if some SSL clients will
reject a connection because of DNS hostname problems if you serve stuff over
http and https on the same IP address.  But I currently don't have my IP addys
correctly reverse-mapped and there's been no problems for anything I've tested
for my personal webmail site...

Someone else also suggested a more complex solution (see -- I
don't know if it works.


This message was sent using IMP, the Internet Messaging Program.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message