httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frédéric Jolliton <ht...@frederic.jolliton.com>
Subject [users@httpd] Are multiple <VirtualHost *:80 *:443> ok with wildcard cert ?
Date Thu, 16 Mar 2006 09:11:37 GMT
Hi,

[I already sent this message to modssl ML, but since it's about
Apache 2 I'm not sure if this place was more appropriate.]

(Apache 2.0.55, Linux 2.6)

I can't find authoritative answer about the following question.

I would like to be sure that I can have multiple VirtualHost
configured simultaneously for HTTP and HTTPS (port 80 and port 443
respectively) as presented below.

If I've a certificate with 'cn' to '*.example.com' and the following
Apache configuration, is that ok ? Currently it works fine, but I'm
not sure if I'm relying on some unspecified/undefined behaviors.

Also, is this dummy VirtualHost (the first one) the correct way to
"force" a given port to answer HTTP instead of HTTPS ? (I know that
it's the other way, where the "first" virtual host with enabled SSL
determine port with HTTPS.)

Again, there is no problems with this config, but I was just wondering
about its validity.

-=-=-
Listen 80
Listen 443

NameVirtualHost *:80
NameVirtualHost *:443

<VirtualHost *:80>
  # Dummy empty VirtualHost to ensure than port 80 is HTTP
</VirtualHost>

<VirtualHost *:80 *:443>
  Include common-ssl.conf
  ServerName foo.example.com
  [..]
</VirtualHost>

<VirtualHost *:80 *:443>
  Include common-ssl.conf
  ServerName bar.example.com
  [..]
</VirtualHost>
-=-=-

and common-ssl.conf contains:

-=-=-
<IfModule mod_ssl.c>
  SSLEngine on
  SSLCertificateFile conf/ssl/web.example.com-cert.pem
  SSLCertificateKeyFile conf/ssl/web.example.com-key.pem
  SSLCertificateChainFile conf/ssl/root-cert.pem
  [.. other SSL options ..]
</IfModule>
-=-=-

-- 
Frédéric Jolliton

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message