httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Smallacombe ...@3.am>
Subject Re: [users@httpd] Silly SSL vhost problem
Date Fri, 12 Feb 2010 19:41:33 GMT

Please disregard this...of all the things I didn;t check...the DNS! Doh!

On Fri, 12 Feb 2010, James Smallacombe wrote:

>
> Hi:
>
> I've been running various apache's for years, including with multiple SSL 
> vhosts, etc.  I have three separate SSL vhosts on this particular 
> Apache/2.2.11 installation, and for some reason, of the three SSL vhosts 
> below, ssl2.our.domain works fine, www.customer.domain works fine, but 
> ssl.our.domain doesn't.  It loads the certificate AND document foor from 
> ssl2.our.domain.  They are each on different IPs as well.
>
> Here is the httpd-ssl.conf file of the box.  I must be doing something wrong, 
> but I haven't figured out what yet, so any clues would be appreciated. IPs 
> and host names changed for obvious reasons:
>
> -----
> Listen *:443
>
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl    .crl
>
> SSLPassPhraseDialog exec:/path/to/ssl/passphrase/file
> SSLSessionCache        "shmcb:/var/run/ssl_scache(512000)"
> SSLSessionCacheTimeout  300
>
> SSLMutex  "file:/var/run/ssl_mutex"
>
> <VirtualHost 10.1.1.1:443>
>
> DocumentRoot "/usr/local/www/apache22/data"
> ServerName ssl2.our.domain:443
> ServerAdmin webmaster@our.domain
> ErrorLog "/var/log/httpd-error.log"
> TransferLog "/var/log/httpd-access.log"
> php_admin_value suhosin.executor.func.blacklist  (truncated)
> SSLEngine on
>
> SSLCipherSuite 
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>
> SSLCertificateFile "/usr/local/etc/apache22/ssl/ssl2.our.domain.crt"
>
> SSLCertificateKeyFile "/usr/local/etc/apache22/ssl/ssl2.our.domain.key"
>
> BrowserMatch ".*MSIE.*" \
>         nokeepalive ssl-unclean-shutdown \
>         downgrade-1.0 force-response-1.0
>
> CustomLog "/var/log/httpd-ssl_request.log" \
>          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
> </VirtualHost>
>
> <VirtualHost 10.1.1.2:443>
> DocumentRoot /usr/local/apache/htdocs/subdir
> ServerName ssl.our.domain:443
> SSLEngine on
> SSLCipherSuite 
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> SSLCertificateFile "/usr/local/etc/apache22/ssl/ssl.our.domain.crt"
> SSLCertificateKeyFile "/usr/local/etc/apache22/ssl/ssl.our.domain.key"
> CustomLog "/var/log/httpd-ssl_request.log" \
>          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> </VirtualHost>
>
> <VirtualHost 10.1.1.3:443>
> SSLEngine on
> SSLCipherSuite 
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> ServerAdmin webmaster@customer.domain
> SuexecUserGroup someuser somegroup
> DocumentRoot /home/servers/customer.domain/pages
> ServerName www.customer.domain:443
> HostnameLookups Off
> CustomLog /home/servers/customer.domain/access_log combined
> ScriptAlias /cgi-bin/ "/home/servers/customer.domain/cgi-bin/"
> SSLCertificateFile /usr/local/etc/apache22/ssl/www.customer.domain.crt
> SSLCertificateKeyFile /usr/local/etc/apache22/ssl/www.customer.domain.key
> </VirtualHost>
>
>
> James Smallacombe		      PlantageNet, Inc. CEO and Janitor
> up@3.am							    http://3.am
> =========================================================================
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>  "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

James Smallacombe		      PlantageNet, Inc. CEO and Janitor
up@3.am							    http://3.am
=========================================================================

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message