On Mon, Apr 16, 2012 at 4:51 PM, Mikhail T. <[email protected]> wrote:
> On 16.04.2012 11:40, Tom Evans wrote:
>
> They can. Excerpt from my httpd.conf:
>
> Your excerpt does not show different DocumentRoots -- nor any other
> settings... Could you show more contents? What is the Apache version you are
> using? In all my attempts, Apache a) issues a pointless warning about
> multiple SSL vhosts on the same IP/port; b) uses the settings (including
> DocumentRoot) from the first vhost encountered for all of them.
>
Er, OK:
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:443>
ServerName rc.xxxxxx.com
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/xxxxxx/star.xxxxxx.com/apache.crt
SSLCertificateKeyFile /etc/ssl/xxxxxx/star.xxxxxx.com/apache.key
SSLCACertificateFile /etc/ssl/xxxxxx/ca.crt
ErrorDocument 403 /errors/certneeded.html
Alias /errors /usr/local/etc/apache22/xxxxxxerrors
SSLVerifyClient optional
<LocationMatch ^(?!/errors/)>
SSLRequire %{SSL_CLIENT_VERIFY} eq "SUCCESS"
SSLVerifyClient optional
</LocationMatch>
SSLVerifyDepth 1
SSLCARevocationFile /etc/ssl/xxxxxx/ca.crl
SSLOptions +StdEnvVars
SSLUserName SSL_CLIENT_S_DN_Email
RequestHeader set X-SSL-Enabled 1
DocumentRoot /usr/home/tom/projects/rc/htdocs
<Directory /usr/home/tom/projects/rc/htdocs>
Order allow,deny
Allow from all
</Directory>
#CustomLog /var/log/httpd-ssl-rc.log "%t %h %{SSL_PROTOCOL}x
%{SSL_CIPHER}x \"%r\" %b"
SetEnv proxy-nokeepalive 1
RewriteEngine on
RewriteCond %{REQUEST_URI} !^/favicon.ico
RewriteCond %{REQUEST_URI} !^/media
RewriteCond %{REQUEST_URI} !^/amedia
RewriteCond %{REQUEST_URI} !^/errors
RewriteRule ^/(.*)$ /rc.fcgi/$1 [QSA,L]
FastCGIExternalServer /usr/home/tom/projects/rc/htdocs/rc.fcgi
-socket /usr/home/tom/projects/rc/run/rc.socket
</VirtualHost>
<VirtualHost *:443>
ServerName sab.xxxxxx.com
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/xxxxxx/star.xxxxxx.com/apache.crt
SSLCertificateKeyFile /etc/ssl/xxxxxx/star.xxxxxx.com/apache.key
SSLCACertificateFile /etc/ssl/xxxxxx/ca.crt
SSLVerifyClient optional
ErrorDocument 403 /errors/certneeded.html
Alias /errors /usr/local/etc/apache22/xxxxxxerrors
<LocationMatch ^(?!/errors/)>
SSLRequire %{SSL_CLIENT_VERIFY} eq "SUCCESS"
SSLVerifyClient optional
</LocationMatch>
SSLVerifyDepth 1
SSLCARevocationFile /etc/ssl/xxxxxx/ca.crl
SSLUserName SSL_CLIENT_S_DN_Email
SSLOptions +StdEnvVars
RequestHeader set X-SSL-Enabled 1
DocumentRoot /var/empty
<Directory /var/empty>
Order allow,deny
Allow from all
</Directory>
ProxyPass /errors !
ProxyPass / http://ethan.xxxxxx.com:8085/sabnzbd/ retry=0
ProxyPassReverse / http://ethan.xxxxxx.com:8085/sabnzbd/
SetEnv proxy-nokeepalive 1
</VirtualHost>
<VirtualHost *:443>
ServerName svn.xxxxxx.com
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl/xxxxxx/star.xxxxxx.com/apache.crt
SSLCertificateKeyFile /etc/ssl/xxxxxx/star.xxxxxx.com/apache.key
SSLCACertificateFile /etc/ssl/xxxxxx/ca.crt
SSLVerifyClient optional
ErrorDocument 403 /errors/certneeded.html
Alias /errors /usr/local/etc/apache22/xxxxxxerrors
<Location />
DAV svn
SVNPath /tank/svn/repos/devel
</Location>
<LocationMatch ^(?!/errors/)>
SSLRequire %{SSL_CLIENT_VERIFY} eq "SUCCESS"
SSLVerifyClient optional
</LocationMatch>
SSLVerifyDepth 1
SSLCARevocationFile /etc/ssl/xxxxxx/ca.crl
SSLUserName SSL_CLIENT_S_DN_Email
</VirtualHost>
This is httpd 2.2.21 btw
Cheers
Tom
