Hi folks,

at last everything is working as expected. I can specify as many NAME
BASED SSL-Virtual Hosts for the same IP-address.

PLEASE DO NOTE THAT THIS IS JUST A TEST / DEVELOPMENT-SETUP AND THAT
THE SSL-CONNECTION IS NOT SECURE (please refer to the previous
explanations in this thread).

However, if you need to set up a server with multiple NAME-BASED
SSL-virtual hosts but you have only one IP-address available and you
don't want to use different ports than :443, then this might be a
working example for you:

OS: Debian Sarge
Apache: 2.0.55

apache2.conf:
--------------------
NameVirtualHost *:80
NameVirtualHost *:443

/etc/site-available/host1
----------------------------------
ServerName host1
<VirtualHost *:80>
   ServerName host1
   ServerAdmin [EMAIL PROTECTED]
   # don't lose time with IP address lookups
   HostnameLookups Off
   # needed for named virtual hosts
   UseCanonicalName Off
   # Possible values include: debug, info, notice, warn, error, crit,
   # alert, emerg.
   LogLevel debug
   ServerSignature Off
   CustomLog /var/log/apache2/host1.log combined
   ErrorLog /var/log/apache2/host1_error.log
   #
   RewriteEngine On
   RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1
   RewriteLog /var/log/apache2/host1_rewrite.log
   RewriteLogLevel 9
</VirtualHost>
<VirtualHost *:443>
   ServerName host1
   ServerAdmin [EMAIL PROTECTED]
   # don't lose time with IP address lookups
   HostnameLookups Off
   # needed for named virtual hosts
   UseCanonicalName Off
   # Possible values include: debug, info, notice, warn, error, crit,
   # alert, emerg.
   LogLevel debug
   ServerSignature Off
   CustomLog /var/log/apache2/host1-ssl_access.log combined
   ErrorLog /var/log/apache2/host1-ssl_error.log
   # SSL
   SSLEngine On
   SSLCipherSuite HIGH:MEDIUM
   SSLCertificateFile    /etc/apache2/ssl/host1.crt
   SSLCertificateKeyFile /etc/apache2/ssl/host1.key
   DocumentRoot /var/www/ssl/host1
   <Directory /var/www/ssl/host1>
       Options FollowSymLinks
       AllowOverride None
       Options -Indexes FollowSymLinks MultiViews
       AllowOverride None
       Order deny,allow
       allow from all
   </Directory>
</VirtualHost>

/etc/site-available/host2
----------------------------------
ServerName host2
<VirtualHost *:80>
   ServerName host2
   ServerAdmin [EMAIL PROTECTED]
   # don't lose time with IP address lookups
   HostnameLookups Off
   # needed for named virtual hosts
   UseCanonicalName Off
   # Possible values include: debug, info, notice, warn, error, crit,
   # alert, emerg.
   LogLevel debug
   ServerSignature Off
   CustomLog /var/log/apache2/host2.log combined
   ErrorLog /var/log/apache2/host2_error.log
   #
   RewriteEngine On
   RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1
   RewriteLog /var/log/apache2/host2_rewrite.log
   RewriteLogLevel 9
</VirtualHost>
<VirtualHost *:443>
   ServerName host2
   ServerAdmin [EMAIL PROTECTED]
   # don't lose time with IP address lookups
   HostnameLookups Off
   # needed for named virtual hosts
   UseCanonicalName Off
   # Possible values include: debug, info, notice, warn, error, crit,
   # alert, emerg.
   LogLevel debug
   ServerSignature Off
   CustomLog /var/log/apache2/host2-ssl_access.log combined
   ErrorLog /var/log/apache2/host2-ssl_error.log
   # SSL
   SSLEngine On
   SSLCipherSuite HIGH:MEDIUM
   SSLCertificateFile    /etc/apache2/ssl/host1.crt
   SSLCertificateKeyFile /etc/apache2/ssl/host1.key
   DocumentRoot /var/www/ssl/host2
   <Directory /var/www/ssl/host2>
       Options FollowSymLinks
       AllowOverride None
       Options -Indexes FollowSymLinks MultiViews
       AllowOverride None
       Order deny,allow
       allow from all
   </Directory>
</VirtualHost>

I've omitted the authorization-stuff since we're using
mod_auth_cookie_mysql with a homegrown SSO-solution with Tomcat which
might not be too interesting for most list-members.

Like above, you can define as many NameBased Virtual Hosts on ONE IP
as you like for TEST AND DEVELOPMENT.

Again, bear in mind that this is NOT A SAFE SSL-CONNECTION. Besides,
the browser will warn you about an invalid SSL-cert.

Hopefully somebody finds this helpful.

Last, many thanks to Joshua and the other list-members for their help
figuring this out!

Greg
--
what's puzzlin' you, is the nature of my game

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
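Added example (not part of the message above and not Apache project code): a small Python audit of the posted configuration. It models a server that has to choose its certificate before it knows the requested host name, which is why host2 triggers the browser's certificate warning. The reduced config text and the assumption that host1.crt names only "host1" are constructed for illustration; audit, directive and name_matches are hypothetical helper names.

```python
import re
from collections import defaultdict

# Constructed sample: the two :443 vhosts from the post, reduced to essentials.
SAMPLE_CONF = """
<VirtualHost *:443>
   ServerName host1
   SSLCertificateFile    /etc/apache2/ssl/host1.crt
</VirtualHost>
<VirtualHost *:443>
   ServerName host2
   SSLCertificateFile    /etc/apache2/ssl/host1.crt
</VirtualHost>
"""
# Assumption: host1.crt was issued for the single name "host1".
CERT_NAMES = {"/etc/apache2/ssl/host1.crt": ["host1"]}

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)

def directive(body, name):
    """Return the first argument of an Apache directive, or None."""
    m = re.search(rf"^\s*{name}\s+(\S+)", body, re.M | re.I)
    return m.group(1) if m else None

def name_matches(host, pattern):
    """Compare a host name with a certificate name; '*.' covers one label."""
    host, pattern = host.lower(), pattern.lower()
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return host == pattern

def audit(conf, cert_names):
    """Model a server that must pick the certificate before it knows the
    requested host: every vhost on an address shows the first vhost's cert."""
    by_addr = defaultdict(list)
    for addr, body in VHOST_RE.findall(conf):
        cert = directive(body, "SSLCertificateFile")
        if cert:  # only SSL vhosts matter here
            by_addr[addr.strip()].append((directive(body, "ServerName") or "", cert))
    findings = []
    for addr, vhosts in by_addr.items():
        served = vhosts[0][1]  # certificate of the first vhost on this address
        for server_name, _own_cert in vhosts:
            ok = any(name_matches(server_name, n) for n in cert_names.get(served, []))
            findings.append((addr, server_name, served, "ok" if ok else "NAME MISMATCH"))
    return findings

if __name__ == "__main__":
    for row in audit(SAMPLE_CONF, CERT_NAMES):
        print(*row)
```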