httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hans <h...@ezpear.com>
Subject [users@httpd] problem with NAT, Public IP's and SSL cert
Date Sat, 27 Oct 2007 08:33:12 GMT
Hi!
I 've checked many websites and forums as well as books but I cannot 
find solution for my problem.
I have one server behind NAT(pfsense firewall), until last week I was 
using one IP for all virtual hosts.
My conf was:
Namevirtualhost *:80
<Virtualhost *:80>
Namevirutalhost *:443
<VirtualHost *:443>

In last week our customer requested to put new ssl cert for him with his 
own IP. I created VIP and forwarded to ports:80 and 443.
But I have problem with configuration.

Before few words about my future conf, during next few weeks I will 
install Load Balancing enviroment with 2 identical active/active 
webservers which conf created is automatically from mysql database. Both 
machine will be behind NAT and need to use only public IP's is 
configuration for virtual hosts. I cannot use for virtualhost eg. 
192.168.2.10,192.168.2.11(because for vhost generated will be only 
public IP 65.65.65.65).

So back to my question. I wanted change confiuguration from *:80 (*:443) 
to public 65.65.65.65:80 (65.65.65.65:443). But when I tried access 
websites it always directed me to default website. I tried <127.0.0.1:80 
65.65.65.65:80> the same effect.
On the end I tried <192.168.2.10:80 65.65.65.65.80> (the same for 443) 
and it works correctly (I mean I can access to each vhost) except that 
my customer doesn't get his own ssl cert but shared between rest from 
default domain (I guess it takes cert from first virtual domain).
How can I force Apache to use only public IP's (without LAN IP) behind 
NAT and it correctly find virtual hosts ?

Regards,
Hans



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message