httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "joe pond" <digger...@hotmail.com>
Subject Re: [users@httpd] multiple vhosts on port 80 and port 443
Date Thu, 19 Oct 2006 19:11:38 GMT
Hi Gregor,

the following config info may be of some use.  I have my win2k server 
running Apache 2.2.3, ssl, etc using port 80 and port 443.

The following configuration setup enables me to have multiple vhost on port 
80 and multiple vhosts on port 443 and I can require login/password or not 
for either port 80 or port 443.

Hope this is useful.

digger920


Apache2.2.X, SSL, Vhosts

I use include files to make troubleshooting a bit easier.

In httpd.conf

Listen 192.168.10.4:80
Listen 192.168.10.4:443

LoadModule ssl_module modules/mod_ssl.so



# Virtual hosts
Include conf/extra/httpd-vhosts.conf

# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

<IfModule ssl_module>
SSLMutex default
SSLSessionCache none
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

========================

In httpd-vhosts.conf

NameVirtualHost *:80

<VirtualHost *:80>
    ServerAdmin whoever@where-ever
    ServerName juneau
    DocumentRoot "C:/Server/Apache2.2/htdocs"

    #ErrorLog logs/dummy-host.example.com-error_log
    #CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>

<VirtualHost *:80>
    ServerAdmin whoever@where-ever
    ServerName ASite
    #ServerAlias Test1
    DocumentRoot "C:/Server/Apache2.2/htdocs/www/A-Site"

    #ErrorLog logs/dummy-host2.example.com-error_log
    #CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>

<VirtualHost *:80>
    ServerAdmin whoever@where-ever
    ServerName secure
    DocumentRoot "C:/Locked"
    <Directory /Locked>
    AuthType Basic
    AuthName "Locked Test"
    AuthUserFile C:/Server/Apache2.2/htdocs/passwords/pwrd
    Require user testuser
    Order allow,deny
			Allow from all
    </Directory>
    #ErrorLog logs/dummy-host2.example.com-error_log
    #CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>

==================================

In httpd-ssl.conf

NameVirtualHost *:443

##  SSL Global Context

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLSessionCache        shmcb:c:/server/apache2.2/logs/ssl_scache(512000)
SSLSessionCacheTimeout  300

## SSL Virtual Host Context

<VirtualHost *:443>

#   General setup for the virtual host
		ServerName juneau
		ServerAdmin whoever@where-ever
		DocumentRoot "c:/SecureToo/"

		<Directory /SecureToo>
			Order allow,deny
			Allow from all
		</Directory>


		ErrorLog c:/server/apache2.2/logs/vhost_SSL_error_log.log
		TransferLog c:/server/apache2.2/logs/vhost_SSL_access_log.log


#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
SSLEngine on

SSLCipherSuite 
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile c:/server/apache2.2/conf/ssl/juneau.crt

SSLCertificateKeyFile c:/server/apache2.2/conf/ssl/juneau.key

SSLCertificateChainFile c:/server/apache2.2/conf/ssl/juneau.crt

<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/server/apache2.2/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog c:/server/apache2.2/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

<VirtualHost *:443>
    ServerAdmin whoever@when-ever
    ServerName secure
    DocumentRoot "C:/Locked/"
# Directory lines only used if you want to do login stuff
    <Directory /Locked>
    AuthType Basic
    AuthName "Locked Test"
    AuthUserFile C:/Server/Apache2.2/htdocs/passwords/pwrd
    Require user user
    Order allow,deny
			Allow from all
    </Directory>
    #ErrorLog logs/dummy-host2.example.com-error_log
    #CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>



>From: "Gregor Schneider" <rc46fi@googlemail.com>
>Reply-To: users@httpd.apache.org
>To: users@httpd.apache.org
>Subject: Re: [users@httpd] multiple vhosts on port 80 and port 443
>Date: Thu, 19 Oct 2006 19:30:37 +0200
>
>Joshua.
>
>
>
>On 10/19/06, Joshua Slive <joshua@slive.ca> wrote:
>>
>>That's fine.  But then you should post your best attempt at the proper
>>config.  Not some garbage you are guessing at that has no resemblance
>>at all to the docs that you say you read.  (I can't imagine how you
>>could have read those docs and come up with the config you posted.)
>
>
>I posted the "garbage" since I  didn't want my post to blow up and bug the
>members of this lis (I know that quite some guys dislike if somebody is
>posting the complete configs).
>
>The docs didn't help me in that way since they just scratch the surface of 
>a
>propper NameBased VHost config - what I'm missing here are some "real
>world-examples". I know that a lot of the Apache-developers that are
>contributung to the docs do this for free, and I really appreciate this,
>however, not everybody using Apache has the in-depth-knowledge like the
>contributors, and, most of the people also don't have the time to obtain
>this in-depth-knowledge.
>You see, we're a financial company, and I'm really trying my best to
>convince ppl to ouse Open Source, and that really takes a lot of effort.
>But I'm lost of all arguments if I don't have docs which are understandable
>with some real world examples or, worst (loke Tomcat) I sometimes have to
>debug the code to understand the principles.
>
>The easy way would have been using IIS, where our corporate website is
>running on...
>
>Anyways, you aksed for itm here you got it:
>
>Again. Apache 2.0.55, Debian Sarge
>
>This is from my apache2.conf:
>
>NameVirtualHost test-dom:80
>NameVirtualHost test-dom:443
>NameVirtualHost test-clue:80
>NameVirtualHost test-ltc:80
>
>Those are my vhost-defs (I'm ommitting some parts of which I think that 
>they
>are not important).
>
><VirtualHost test-dom:80>
>        ServerAdmin webmaster@localhost
>        ServerName test-dom
>        # don't loose time with IP address lookups
>        HostnameLookups Off
>        # needed for named virtual hosts
>        UseCanonicalName Off
>        # Possible values include: debug, info, notice, warn, error, crit,
>        # alert, emerg.
>        LogLevel debug
>        ServerSignature Off
>        CustomLog /var/log/apache2/dom_access.log combined
>        ErrorLog /var/log/apache2/dom_error.log
>        #
>        RewriteEngine On
>        RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1
>        RewriteLog /var/log/apache2/dom_rewrite.log
>        RewriteLogLevel 9
></VirtualHost>
><VirtualHost test-dom:443>
>        ServerAdmin webmaster@localhost
>        ServerName test-dom
>        # don't loose time with IP address lookups
>        HostnameLookups Off
>        # needed for named virtual hosts
>        UseCanonicalName Off
>        # Possible values include: debug, info, notice, warn, error, crit,
>        # alert, emerg.
>        LogLevel debug
>        ServerSignature Off
>        CustomLog /var/log/apache2/dom-ssl_access.log combined
>        ErrorLog /var/log/apache2/dom-ssl_error.log
>[ ... ]
>        # SSL
>        SSLEngine On
>        SSLCipherSuite HIGH:MEDIUM
>        SSLCertificateFile    /etc/apache2/ssl/dom.crt
>        SSLCertificateKeyFile /etc/apache2/ssl/dom.key
>        DocumentRoot /var/www/ssl/dom
>        <Directory /var/www/ssl/dom>
>                Options FollowSymLinks
>                AllowOverride None
>                AuthName "DOM_Auth"
>                AuthType Cookie
>                CookieAuth on
>                CookieAuth_DBhost localhost
>                CookieAuth_DBName apacheSSO
>                CookieAuth_DBtable inter_sessions
>                CookieAuth_DBUser test
>                CookieAuth_DBPassword test
>                CookieAuth_UsernameField username
>                CookieAuth_SessnameField sessname
>                CookieAuth_SessvalField sesskey
>                CookieAuth_CookieName JSESSIONIDSSO
>                CookieAuth_ExpiryField expiry
>#               CookieAuth_RemoteIPField remoteip
>                CookieAuth_FailureURL /SingleSignOn
>                require valid-user
>                Options -Indexes FollowSymLinks MultiViews
>                AllowOverride None
>                Order deny,allow
>                allow from all
>        </Directory>
>ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
><Directory "/usr/lib/cgi-bin">
>        AllowOverride None
>        Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
>        Order allow,deny
>        Deny from all
></Directory>
></VirtualHost>
>
>
><VirtualHost test-clue:80>
>        ServerAdmin webmaster@localhost
>        ServerName test-clue
>        # don't loose time with IP address lookups
>        HostnameLookups Off
>        # needed for named virtual hosts
>         UseCanonicalName Off
>        # Possible values include: debug, info, notice, warn, error, crit,
>        # alert, emerg.
>        LogLevel debug
>        ServerSignature Off
>        CustomLog /var/log/apache2/clue-ssl_access.log combined
>        ErrorLog /var/log/apache2/clue-ssl_error.log
>        # SSL
>        # SSLEngine On
>        # SSLCipherSuite HIGH:MEDIUM
>        # SSLCertificateFile    /etc/apache2/ssl/dom.crt
>        # SSLCertificateKeyFile /etc/apache2/ssl/dom.key
>        DocumentRoot /var/www/ssl/clue
>        <Directory /var/www/ssl/clue>
>                Options FollowSymLinks
>                AllowOverride None
>                AuthName "CLUE_Auth"
>                AuthType Cookie
>                CookieAuth on
>                CookieAuth_DBhost localhost
>                CookieAuth_DBName apacheSSO
>                CookieAuth_DBtable inter_sessions
>                CookieAuth_DBUser test
>                CookieAuth_DBPassword test
>                CookieAuth_UsernameField username
>                CookieAuth_SessnameField sessname
>                CookieAuth_SessvalField sesskey
>                CookieAuth_CookieName JSESSIONIDSSO
>                CookieAuth_ExpiryField expiry
>#               CookieAuth_RemoteIPField remoteip
>                CookieAuth_FailureURL /SingleSignOn
>                require valid-user
>                Options -Indexes FollowSymLinks MultiViews
>                AllowOverride None
>                Order deny,allow
>                allow from all
>        </Directory>
>ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
><Directory "/usr/lib/cgi-bin">
>        AllowOverride None
>        Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
>        Order allow,deny
>        Deny from all
></Directory>
></VirtualHost>
>
><VirtualHost test-ltc:80>
>        ServerAdmin webmaster@localhost
>        ServerName test-ltc
>        # don't loose time with IP address lookups
>        HostnameLookups Off
>        # needed for named virtual hosts
>         UseCanonicalName Off
>        # Possible values include: debug, info, notice, warn, error, crit,
>        # alert, emerg.
>        LogLevel debug
>        ServerSignature Off
>        CustomLog /var/log/apache2/ltc-ssl_access.log combined
>        ErrorLog /var/log/apache2/ltc-ssl_error.log
>        # SSL
>        # SSLEngine On
>        # SSLCipherSuite HIGH:MEDIUM
>        # SSLCertificateFile    /etc/apache2/ssl/dom.crt
>        # SSLCertificateKeyFile /etc/apache2/ssl/dom.key
>        DocumentRoot /var/www/ssl/ltc
>        <Directory /var/www/ssl/ltc>
>                Options FollowSymLinks
>                AllowOverride None
>                AuthName "LTC_Auth"
>                AuthType Cookie
>                CookieAuth on
>                CookieAuth_DBhost localhost
>                CookieAuth_DBName apacheSSO
>                CookieAuth_DBtable inter_sessions
>                CookieAuth_DBUser test
>                CookieAuth_DBPassword test
>                CookieAuth_UsernameField username
>                CookieAuth_SessnameField sessname
>                CookieAuth_SessvalField sesskey
>                CookieAuth_CookieName JSESSIONIDSSO
>                CookieAuth_ExpiryField expiry
>#               CookieAuth_RemoteIPField remoteip
>                CookieAuth_FailureURL /SingleSignOn
>                require valid-user
>                Options -Indexes FollowSymLinks MultiViews
>                AllowOverride None
>                Order deny,allow
>                allow from all
>        </Directory>
>ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
><Directory "/usr/lib/cgi-bin">
>        AllowOverride None
>        Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
>        Order allow,deny
>        Deny from all
></Directory>
></VirtualHost>
>
>I've ommitted the jkmount-directives since I believe they are of no use for
>you at all.
>
>I'd be happy (and I do NOT mean this in an ironic way) if you could point 
>me
>to the point in the docs which tells me where my error is.
>
>Again, when starting apache, currently I'm getting the following warning:
>
>dekold4712:/etc/apache2/sites-available# /etc/init.d/apache2 restart
>Forcing reload of web server: Apache2apache2: Could not determine the
>server's fully qualified domain name, using 10.170.202.5 for ServerName
>[Thu Oct 19 19:13:23 2006] [warn] NameVirtualHost test-clue:80 has no
>VirtualHosts
>[Thu Oct 19 19:13:23 2006] [warn] NameVirtualHost test-ltc:80 has no
>VirtualHosts
>apache2: Could not determine the server's fully qualified domain name, 
>using
>10.170.202.5 for ServerName
>[Thu Oct 19 19:13:24 2006] [warn] NameVirtualHost test-clue:80 has no
>VirtualHosts
>[Thu Oct 19 19:13:24 2006] [warn] NameVirtualHost test-ltc:80 has no
>VirtualHosts
>
>Cheers
>
>Greg
>--
>what's puzzlin' you, is the nature of my game

_________________________________________________________________
Use your PC to make calls at very low rates 
https://voiceoam.pcs.v2s.live.com/partnerredirect.aspx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message