httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rainer Jung <>
Subject Re: [users@httpd] Options for multiple SSL domains on 1 server
Date Mon, 04 Oct 2010 19:39:30 GMT
On 04.10.2010 21:00, Igor Galić wrote:
> ----- "Grant"<>  wrote:
>>>> The "virtualhost for each SSL host" is what I mean by separate
>>>> apache2
>>>> configs.  I'd like to be able to define different domain names on
>> the
>>>> fly within my perl scripts without changing apache2 config.  Maybe
>>>> we're just not there yet?
>>> You can also use things like mod_macro to enable that kind of
>> flexibility.
>> I looked at mod_macro but it seems to essentially be a framework for
>> setting and reading variable values within the apache2 config files.
>> What I'd like to do is allow new SSL domains to be defined from the
>> web in an automatic fashion without the need for SSH access.  At this
>> point I'm thinking something that generates a new vhost config file
>> for each domain name would be perfect.  It could use a template for
>> each file and just change the IP address and SSL certificate/key
>> references.  Does something like this exist?
> Aaaha...
> An (SSL) VHost is just a couple of lines.. depending on your setup
> either the IP/Cert/ServerName (IP Based) or only the ServerName
> (SubjectAltName)
> One way or the other, you can define a pattern:
> <Macro SSLVhost $servername $ip>
>      <VirtualHost $ip:443>
>          ServerName $servername
>          DocumentRoot /srv/web/$servername/htdocs
>          SSLEngine On
>          SSLCertificateChainFile /etc/pki/ssl/$servername.pem
>          ErrorLog /var/log/httpd/$servername/error_log
>      </VirtualHost>
> </Macro>
> , and then
> Use SSLVhost servername IP
> In some or the other file. That's one line you have to add -- and then you do an
> apachectl graceful.

I vaguely remember some kind of limitation concerning mod_macro and 
VirtualHost. I think you can define the contents of the VirtualHost 
container by a macro, but not the container itself, so e.g.

<Macro SSLVhost $servername>
          ServerName $servername
          DocumentRoot /srv/web/$servername/htdocs
          SSLEngine On
          SSLCertificateChainFile /etc/pki/ssl/$servername.pem
          ErrorLog /var/log/httpd/$servername/error_log

and then

<VirtualHost IP1:443>
   SSLVHost name1

<VirtualHost IP2:443>
   SSLVHost name2


I could be wrong though.



The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message