httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wang Penghui <wangpeng...@realss.com>
Subject [users@httpd] Re: Namebased vhost with ssl on one of the hosts
Date Thu, 21 Oct 2004 14:32:13 GMT
Joshua Slive wrote:
> On Thu, 21 Oct 2004 10:51:13 +0800, Wang Penghui <wangpenghui@realss.com> wrote:
> 
>>Hi all:
>>
>>I have a apache installation with name-based virutal hosts. It has many
>>virtual hosts. Now i want to add ssl to one of them.
>>For example:
>>I have three hosts in this server.
>>aaa.example.com
>>bbb.example.com
>>ccc.example.com
>>Now i want to add ssl to aaa.example.com, and bbb ,ccc continue listen
>>on port 80.
>>
>>Is it POSSIBLE? And how could i implement it?
> 
> 
> You can setup an ordinary IP/port based virtual host on port 443 and enable SSL.
> 
> But this virtual host will respond to all the hostnames that are
> mapped to that IP address.  The bbb and ccc name will get
> bad-certificate errors if you use a certificate for aaa.
> 
> There is no way to have only aaa listen on port 80, since the hostname
> is not known until after the SSL negotiation.
> 
> Joshua.
> 
Thank you for you response.
But i did as follow steps, everything seems well working now.
1.Create a CA,private key,Cert Request(aaa.example.com),and Signed the CSR.
2.Install the private key, and certifation  correctly.
3.Configure vhost.conf like follow:
------vhost.conf---------
NameVirtualHost *:80
<VirtualHost *:80>
ServerName aaa.example.com
DocumentRoot /var/www/localhost/htdocs/aaa/
</VirtualHost>
<VirtualHost *:80>
ServerName bbb.example.com
DocumentRoot /var/www/localhost/htdocs/bbb/
</VirtualHost>
<VirtualHost *:443>
ServerName ccc.example.com
DocumentRoot /var/www/ccc/
ErrorLog logs/ssl_error_log
<IfModule mod_log_config.c>
TransferLog logs/ssl_access_log
</IfModule>
SSLEngine on
SSLCipherSuite 
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/ssl/server.crt
SSLCertificateKeyFile conf/ssl/server.key
<Files ~ "\.(cgi|shtml|phtml|php?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/localhost/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
<IfModule mod_setenvif.c>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</IfModule>
<IfModule mod_log_config.c>
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteOptions inherit
</IfModule>
</VirtualHost>
------------vhost.conf---------------

4.Restart apache with ssl

everything works well, no warning. no error.

Why? I am blind with it now.

Thanks

Wang Penghui


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message