NameVirtualHost 192.168.0.12:80
NameVirtualHost 192.168.0.12:443
and I also changed the virtual host section to use 192.168.0.12 instead of the 192.168.0.13 ip address. Tried to go back to the ssl page and..... it still failed. I am pulling my hair out! This is so frustrating! Does anyone have any more information to share with me?
Thanks,
Dave
Dave Henderson <[EMAIL PROTECTED]> wrote:
Date: Thu, 29 Jun 2006 07:30:50 -0700 (PDT)
From: Dave Henderson <[EMAIL PROTECTED]>
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] apache and ssl
Ok, if I try to separate them, I will have to modify my NameVirtualHost definition file to something like:
NameVirtualHost: 192.168.0.12:*
or
NameVirtualHost: 192.168.0.12
but if I do that, I get error messages when I try to stop and restart the server:
[Thu Jun 29 10:27:31 2006] [error] VirtualHost 192.168.0.12:80 -- mixing * ports and non-* ports with a NameVirtualHost address is not supported, proceeding with undefined results
Do I need to modify my "Listen" definition to be something like:
Listen 192.168.0.12:80
Listen 192.168.0.12:443
Thanks,
Dave
(Sorry for direct response, I didn't know you were being sent an email as well)
Pid <[EMAIL PROTECTED]> wrote:Date: Thu, 29 Jun 2006 15:06:29 +0100
From: Pid <[EMAIL PROTECTED]>
To: Dave Henderson <[EMAIL PROTECTED]>
Subject: Re: [EMAIL PROTECTED] apache and ssl
I don't think you gain anything by separating the IPs if they're
actually on one physical connection.
(reply to the list only please)
Dave Henderson wrote:
> I do have two NameVirtualHost definitions:
>
> NameVirtualHost 192.168.0.12:80
> NameVirtualHost 192.168.0.13:443
>
> On my firewall, I have port 80 traffic going to 192.168.0.12 and 443
> traffic going to 192.168.0.13. Both ip's are used on the same server by
> way of assigning multiple ip addresses to one nic. Should I change my
> vhost definitions to use on the 192.168.0.12 ip address instead of using
> the two shown above?
>
> Thanks,
> Dave
>
>
>
> */Pid/* wrote:
>
> Does anyone else think that this is wrong?
>
> SSLCertificateFile /etc/apache2/ssl/certs/sitename.com.crt
> SSLCertificateKeyFile /etc/apache2/ssl/keys/sitename.com.key
> >> SSLCACertificateFile /etc/apache2/ssl/root/sitename.com.crt
>
> It looks like you're telling it that the Certificate Authority is the
> same file as the Certificate itself. I could be wrong tho.
>
>
>
> As regards to the VHost defs: it depends what you've got in front of the
> server in the way of DNS or loadbalancers.
>
> Your domain name can only resolve to point at one IP address (unless
> you're using load balancers or proxies etc etc). So any request for the
> SSL port of demo.sitename.com is going to arrive at the same IP as the
> port 80 connection.
>
> http://demo.sitename.com > IP1
> https://demo.sitename.com > Still IP1
>
>
> (Have you set "NameVirtualHost" or not?)
>
>
>
> Dave Henderson wrote:
> > I am wondering if the virtual host definitions are wrong. Can I do the
> > following (even though the ServerName options have the same
> value)? Can
> > I use the IP addresses like I have done below?
> >
> >
> >
> > ServerAdmin [EMAIL PROTECTED]
> > ServerName demo.sitename.com
> > DocumentRoot /var/www/sitename.com/demo
> >
> > # This should be changed to whatever you set DocumentRoot to.
> >
> > Options Indexes Includes
> > AllowOverride Options
> > Order allow,deny
> > Allow from all
> >
> > ErrorLog /var/log/apache2/sitename.com/demo/error.log
> > CustomLog /var/log/apache2/sitename.com/demo/access.log common
> > CustomLog /var/log/apache2/sitename.com/demo/referer.log referer
> > CustomLog /var/log/apache2/sitename.com/demo/agent.log agent
> >
> > # Possible values: debug, info, notice, warn, error, crit,
> > alert, emerg.
> > LogLevel warn
> >
> > ServerSignature On
> >
> >
> >
> >
> > ServerAdmin [EMAIL PROTECTED]
> > ServerName demo.sitename.com
> > DocumentRoot /var/www/sitename.com/demo/ssl
> >
> > # SSL specifications
> > SSLEngine On
> > SSLCertificateFile /etc/apache2/ssl/certs/sitename.com.crt
> > SSLCertificateKeyFile /etc/apache2/ssl/keys/sitename.com.key
> > SSLCACertificateFile /etc/apache2/ssl/root/sitename.com.crt
> > SSLCipherSuite SSLv2:+HIGH:+MEDIUM
> > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> >
> > # SSLVerifyClient require
> > # SSLVerifyDepth 1
> > # CustomLog /var/log/apache2/ssl \ "%t %h %{SSL_PROTOCOL}x
> > %{SSL_CIPHER}x$
> > #
> > # SSLCipherSuite SSLv2:+HIGH:+MEDIUM
> > # SSLVerifyClient require
> > # SSLVerifyDepth 1
> > #
> >
> > # This should be changed to whatever you set DocumentRoot to.
> >
> > Options Indexes Includes
> > AllowOverride Options
> > Order allow,deny
> > Allow from all
> >
> > ErrorLog /var/log/apache2/sitename.com/demo/error.log
> > CustomLog /var/log/apache2/sitename.com/demo/access.log common
> > CustomLog /var/log/apache2/sitename.com/demo/referer.log referer
> > CustomLog /var/log/apache2/sitename.com/demo/agent.log agent
> >
> > # Possible values: debug, info, notice, warn, error, crit,
> > alert, emerg.
> > LogLevel warn
> >
> > ServerSignature On
> >
> >
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> " from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
