httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Duane Winner <du...@duanewinner.net>
Subject Re: [users@httpd] NameVirtualHost Directive - - - - Multiple SSL virtual hosts
Date Fri, 04 Jun 2010 22:23:11 GMT
On Fri, Jun 4, 2010 at 6:10 PM, Jeff Shearer <jeff@shearer-family.org>wrote:

> I have an Apache 2.2 server sitting on a box with one physical address and
> multiple virtual addresses.  The physical address servers my name-based
> virtual hosts where as the virtual addresses server ip-based virtual hosts.
>   I read about the NameVirtualHost directive and tried to implement it but
> it seems it does nothing but cause error messages.  I tried to put into the
> main server config near my listen directives and received an error that
> there was no virtual host despite the fact that there are more than one
> virtual host.
>
> I also tried to put it just before each of the virtual host directives and
> received errors.
>
> Is this directive needed, everything seems to work fine with out it.
>

What are the error messages?

For your physical address serving your virtual hosts you should have:

Listen your-physical-ip:80
Listen your-physical-ip:443
NameVirtualHost your-physical-ip7:80
NameVirtualHost your physical-ip:443
...

Then for each virtual host served by physical IP, all you need is:

<VirtualHost virtual.host.fqdn:80>
  ServerName virtual.host.fqdn
   ...
</VirtualHost>

<VirtualHost virtual.host.fqdn:443>
  ServerName virtual.host.fqdn
   ...
</VirtualHost>

Also, for each virtual host, you'll need an entry in /etc/hosts:

your-physical-ip     virtual.host.fqdn1
your-physical-ip     virtual.host.fqdn2
etc.


>
>
> In a related matter.  I am having trouble implementing a second https
> server one of virtual ip addresses.  Both domains have permanent redirects
> to the https port.  However, the second ssl server does not even show up
> when I conduct a port scan on its ip address.  Yet both have the same SSL
> configuration elements.  I have compared the two configurations and I see
> absolutely no difference except of course the SSL certificate and server key
> targets.
>
> When I disable the permanent redirect, I have not trouble getting to the
> domain on port 80.



> Is it  possible to run 2 https servers using different virtual addresses on
> the same physical server?
>

Yes -- it's not recommended by apache, but it's done.

The clients will either get warnings about the certificate being invalid, or
you can get a wildcard certificate if all your virtual ssl hosts use the
same domain name (box1.mydomain.com, box2.mydomain,com, box3.mydomain.com,
etc.). Apache still doesn't like this and will spit warnings, but it works.





>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

Mime
View raw message