httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Eggers <mdegg...@gmail.com>
Subject [users@httpd] Re: Virtual Hosts Possible for SSL ?
Date Tue, 01 Oct 2013 23:03:10 GMT
Top-posting, as it seems to be the trend.

This is a portion of how our environment is set up. We have multiple 
virtual hosts, and two with SSL. We run configurations like this on CentOS 
6.4 server with the latest updates.

We use a SAN cert to manage multiple domain names.

Please note that these are snippets. Place the information in the 
appropriate places on your server. Change the information to something 
reasonable.

# httpd.conf
Listen 80

NameVirtualHost external.ip.address.interface:80
NameVirtualHost internal.ip.address.interface:80

<VirtualHost external.ip.address.interface:80>
    ServerName some.server.name
    ServerAdmin someperson@some.server.name
    DocumentRoot /var/www/some
    #
    # Other Directives
    #
</VirtualHost>

<VirtualHost external.ip.address.interface:80>
    ServerName another.server.name
    ServerAdmin anotherperson@another.server.name
    DocumentRoot /var/www/another
    #
    # Other Directives
    #
</VirtualHost>

<VirtualHost external.ip.address.interface:80>
    ServerName three.server.name
    ServerAdmin wee@three.server.name
    DocumentRoot /var/www/wee
    #
    # Other Directives
    #
</VirtualHost>

<VirtualHost internal.ip.address.interface:80>
    ServerName private.server.name
    ServerAdmin personal@some.server.name
    DocumentRoot /var/www/private
    #
    # Other Directives
    #
</VirtualHost>

# ssl.conf
Listen 443
NameVirtualHost external.ip.address.interface:443

# Certs
SSLCertificateFile "san-cert.crt"
SSLCertificateKeyFile "san-cert.key"
SSLCertificateChainFIle "some-middle-man.crt"

# Lots more stuff

<VirtualHost _default:443>
   # logging defaults
   # SSL protocol defaults
   # broken IE defaults
</VirtualHost>

<VirtualHost external.ip.address.interface:443>
    ServerName some.server.name
    ServerAdmin someperson@some.server.name
    DocumentRoot /var/www/some
    #
    # Other Directives
    #
</VirtualHost>

<VirtualHost external.ip.address.interface:443>
    ServerName another.server.name
    ServerAdmin anotherperson@another.server.name
    DocumentRoot /var/www/another
    #
    # Other Directives
    #
</VirtualHost>


This is all happily working (and fronting multiple Tomcat servers). Hope 
this helps . . .

. . . . just my two cents
/mde/

On Tue, 01 Oct 2013 21:06:22 +0100, John McIntyre wrote:

> So I'm still unable to serve that domain2.com  :(
> 
> 
> 
> 
> Le 1 octobre 2013 à 18:04, Nick Tkach a écrit :
> 
>> Okay, if you're not doing ssl on domain2 then, no, that's not related. 
>> I thought maybe from the post title that you were asking about virtual
>> hosts for ssl and that gets complicated depending on exactly what
>> you're trying to do.
>> 
>> 
>> On Tue, Oct 1, 2013 at 11:57 AM, John McIntyre <joh98.mac@gmail.com>
>> wrote:
>> Hi,
>> Thanks for that.  Unfortunately, even after the changes, entering
>> domain2.com on a browser still goes directly to domain1.com.
>> 
>> No, I don't have any intention to do SSL on domain2.com.  Is this
>> causing a problem?
>> 
>> D.
>> 
>> 
>> Le 1 octobre 2013 à 17:29, Nick Tkach a écrit :
>> 
>>> Well, question is, are you trying to have domain2.com *also* do that
>>> same http->https ( http://domain2.com to https://domain2.com )?  If
>>> so, do you have separate certificates for each (domain1 and domain2)?
>>> 
>>> 
>>> On Tue, Oct 1, 2013 at 10:36 AM, Pete Houston <ph1@openstrike.co.uk>
>>> wrote:
>>> On Tue, Oct 01, 2013 at 04:25:05PM +0100, John McIntyre wrote:
>>> > Am I doomed to failiure, or is what I'm trying to do, actually
>>> > possible?
>>> 
>>> No, you are almost there. The problem is that for some reason you have
>>> an asterisk in your VirtualHost declaration for domain2. Change that
>>> the the actual IP address (or hostname since you're using that for the
>>> others) and you should be fine.
>>> 
>>> I'd also swap out the asterisk the NameVirtualHost directive too.
>>> 
>>> HTH,
>>> 
>>> Pete --


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message