httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: [users@httpd] Enabling HTTP and HTTPs
Date Tue, 27 Oct 2009 10:15:03 GMT
Tom Evans wrote:
> On Tue, 2009-10-27 at 07:28 +0100, André Warnier wrote:
>> Krist van Besien wrote:
>>> On Mon, Oct 26, 2009 at 9:01 PM, André Warnier <aw@ice-sa.com> wrote:
>>>> The other way I could think of would be to use virtual hosts, like
>>>>
>>>> Listen 80 HTTP
>>>> Listen 443 HTTPS
>>>>
>>>> NameVirtualHost *:80
>>>> <VirtualHost *:80>
>>>> ...
>>>> </VirtualHost>
>>>>
>>>> NameVirtualHost *:443
>>>> <VirtualHost *:443>
>>>> ... (SSL-based config)
>>>> </VirtualHost>
>>> You don't need the NameVirtualHost directives.
>> Uh ?
>> "If name-based vhosts should be used a NameVirtualHost directive /must/ 
>> appear with the IP address set to be used for the name-based vhosts. In 
>> other words, you must specify the IP address that holds the hostname 
>> aliases (CNAMEs) for your name-based vhosts via a NameVirtualHost 
>> directive in your configuration file."
>>
>> http://httpd.apache.org/docs/2.2/vhosts/details.html
>>
>>
> 
> But if you only have two vhosts, and each of them on a different port,
> then you would not need them to be name based vhosts, and that entire
> paragraph is moot :)
> 
> Without the NameVirtualHost directives, it is just a simple IP based
> virtual host.
> 
Well, kind of, but one could argue about this. ;-)
It seems to me that we are just at the grey line in-between here.
Maybe I should have added one more HTTP VirtualHost in my example, just 
to settle it.

It's not really IP-based virtual hosts either, because there is no 
distinction on IP address here.  If there were several IPs to this 
(physical) host, it would treat requests on any of them equally.

I'm not quite sure about this last paragraph.  I think there might be 
problems with certificates linked to different IP addresses.  But since 
I'm no SSL expert either, I'm not even sure if SSL certificates are 
linked to IP addresses, or just to hostnames.

To answer Kris :
I know it does not really "work", that's why I mentioned it as a hack. 
But it will default for HTTPS to the one and only <VirtualHost *:443>, 
so it will kinda appear to work for practical purposes.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message