Re: Specifying seprate Document roots for SSL VirtualHosts
They work just fine, and I've been running them for months. The ONLY thing that does not resolve correctly are the certificates, and I have a few ideas as to how to correct that without any changes to the apache-ssl or openssl code..Be patient. "Leland V. Lammert" wrote: Tom, The virtual hosts you have configured will not work. You must have a unique IP/Port combination for EACH SSL server. Use a separate IP for your hosts [or port] and everything will be copasetic. Lee At 01:03 PM 7/27/00, you wrote: I can be more specific: Here's how I have it set for several virtual hosts: VirtualHost 10.10.10.10:443 SSLEnable SSLCertificateFile /usr/local/apache/certificate_location server1.pem /VirtualHost VirtualHost 10.10.10.10:443 SSLEnable SSLCertificateFile /usr/local/apache/certificate_location server2.pem /VirtualHost __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Specifying seprate Document roots for SSL VirtualHosts
I can be more specific: Here's how I have it set for several virtual hosts: VirtualHost 10.10.10.10:443 SSLEnable SSLCertificateFile /usr/local/apache/certificate_location server1.pem ServerAdmin (email address) DocumentRoot /var/www/virtualssl/server1.com ServerNameserver1.com (error logs and aliases) /VirtualHost VirtualHost 10.10.10.10:443 SSLEnable SSLCertificateFile /usr/local/apache/certificate_location server2.pem ServerAdmin (email address) DocumentRoot /var/www/virtualssl/server2.com ServerNameserver2.com (error logs and aliases) /VirtualHost And so on... It's also absolutely important that the server name resolves. Otherwise, the ip address will display the first virtual host in the httpsd.conf file. Timothy Willard wrote: Each VirtualHost has it's own DocumentRoot. But when trying SSL it goes to the main servers document root. Take a look at these directives in my conf file VirtualHost X.X.X.X DocumentRoot c:\orahome1\apache\apache\vhost1 ServerName www.vhost3.com ErrorLog c:\x\x\x\x-error_log /VirtualHost Then down further I have a section: ## ## SSL VIRTUAL HOST CONTEXT ## VirtualHost_default_:443 DocumentRoot "c:\OraHome1\Apache\Apache\htdocs" When using a ssl port it will always default to this directory. I was wondering if there are any directives that will override this Tom Nichols wrote: Tim Willard wrote: Hi, I am using name based VirtualHosts. Is it possible to specify a separate SSL document root for each virtual host. I understand that name based must all use the same certificate etc. But must they use the same document root. Thanks Tim __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] Yes, you can providing you add the line "DocumentRoot wherever" in the section of the VH VirtualHost 1.1.1.1:443 DocumentRoot /var/myserver.com ServerNamemyserver.com ErrorLog, etc... SSLetc /VirtualHost __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Specifying seprate Document roots for SSL VirtualHosts
Oh, I see. I run two deamons when a site has secure and non-secure pages on a single server. The first is /usr/contrib/bin/apachectl, which uses the /var/www/conf/httpd.conf. For virtual sites that have non-ssl pages, I have to place the same virtual host information (without ssl options) in that httpd.conf as well. Otherwise, any calls will resolve to the first of default area. I find maintaining two config files easier than putting VH for port 80 and VH for port 443 in one. Besides, my VH's are quite numerous. And in some cases, they are on different physical servers anyway. Hope this helps. Timothy Willard wrote: That seems to work fine for 443 only. When I attempt to go to port 80 it shows the main server (displays the default DocumentRoot) . When you say resolve do you mean in apache or on the client. The client is using a hosts file for name resolution. Thanks for the assistance. Tim Tom Nichols wrote: I can be more specific: Here's how I have it set for several virtual hosts: VirtualHost 10.10.10.10:443 SSLEnable SSLCertificateFile /usr/local/apache/certificate_location server1.pem ServerAdmin (email address) DocumentRoot /var/www/virtualssl/server1.com ServerNameserver1.com (error logs and aliases) /VirtualHost VirtualHost 10.10.10.10:443 SSLEnable SSLCertificateFile /usr/local/apache/certificate_location server2.pem ServerAdmin (email address) DocumentRoot /var/www/virtualssl/server2.com ServerNameserver2.com (error logs and aliases) /VirtualHost And so on... It's also absolutely important that the server name resolves. Otherwise, the ip address will display the first virtual host in the httpsd.conf file. Timothy Willard wrote: Each VirtualHost has it's own DocumentRoot. But when trying SSL it goes to the main servers document root. Take a look at these directives in my conf file VirtualHost X.X.X.X DocumentRoot c:\orahome1\apache\apache\vhost1 ServerName www.vhost3.com ErrorLog c:\x\x\x\x-error_log /VirtualHost Then down further I have a section: ## ## SSL VIRTUAL HOST CONTEXT ## VirtualHost_default_:443 DocumentRoot "c:\OraHome1\Apache\Apache\htdocs" When using a ssl port it will always default to this directory. I was wondering if there are any directives that will override this Tom Nichols wrote: Tim Willard wrote: Hi, I am using name based VirtualHosts. Is it possible to specify a separate SSL document root for each virtual host. I understand that name based must all use the same certificate etc. But must they use the same document root. Thanks Tim __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] Yes, you can providing you add the line "DocumentRoot wherever" in the section of the VH VirtualHost 1.1.1.1:443 DocumentRoot /var/myserver.com ServerNamemyserver.com ErrorLog, etc... SSLetc /VirtualHost __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Specifying seprate Document roots for SSL VirtualHosts
Tom, The virtual hosts you have configured will not work. You must have a unique IP/Port combination for EACH SSL server. Use a separate IP for your hosts [or port] and everything will be copasetic. Lee At 01:03 PM 7/27/00, you wrote: I can be more specific: Here's how I have it set for several virtual hosts: VirtualHost 10.10.10.10:443 SSLEnable SSLCertificateFile /usr/local/apache/certificate_location server1.pem /VirtualHost VirtualHost 10.10.10.10:443 SSLEnable SSLCertificateFile /usr/local/apache/certificate_location server2.pem /VirtualHost __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]