httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anthony DeCusati <adecus...@ctdlc.org>
Subject [users@httpd] What is the correct way to configure one DocumentRoot that is available both with and without SSL for requests to all hostnames
Date Wed, 14 Aug 2013 14:58:55 GMT
This question is related to one I already posted to Canonical's Launchpad site for Ubuntu support:
https://answers.launchpad.net/ubuntu/+source/apache2/+question/233966

We are using Apache 2.2.22 as provided with Ubuntu 12.04. We are hosting a website for another
company. Our FQDN is something like site5.company.com. The other company also has their DNS
pointing to our IP for their users, something like site.othercompany.com. Both are A records.

We would like to enable SSL but still be able to get to the server without SSL (same content
served from both ports 80 and 443). We would like to use one SSL cert for all hostnames used
to reach the server - so the server should be reachable from site5.company.com and site.othercompany.com,
both using the same cert. We are okay with getting browser warnings when going to site5.company.com.

To be clear, we do not want to distinguish the request by hostname.  We don't care if the
request is for site5.company.com, site.othercompany.com, or foo.bar.  All requests should
get the same content.  The only thing we want to distinguish is the port.  The only difference
should be that if the request is over port 443, then SSL should be enabled.  

So if I understand, I should not need name-based vhosts.  Using the _default_ wildcard, I
shouldn't even need to use the ServerName directive in each vhost, although it may be recommended
to avoid DNS lookups.  However, I would prefer if I did not have to duplicate the same configuration
twice (ports 80 and 443) for all possible hostnames just to add more ServerName directives.
 It seems like there should be a better way.

We have a configuration that seems to work for most clients (posted on Launchpad).  However,
some are unable to connect over SSL.  It seems to be an issue specific to how SSL is implemented
on Ubuntu 12.04.  I would like to clarify how this should correctly be configured.  

I can certainly provide more information if it is necessary, including configuration files.
 I appreciate any help you can provide.

--
Anthony J. DeCusati
adecusati@ctdlc.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message