Re: [users@httpd] httpd2 vhost & ssl configuration problem

[pat]

Okay my goal was to host different subdomains like: me.example.com and 
she.example.com. I thought I am able to provide the same cert for all 
subdomains (wildcard ssl cert).
I hoped if someone connects to http://me.example.com is automatically by 
the me VH config "forwarded" to https://me.example.com.

But this didn't work. I had a lot of different strange behaviors.
Now I made a little hack (which is okay for me).

I set up all the VH like <VirtualHost *:443> (changed the port from 80 
to 443). Then I set the option SSLRequireSSL to all "Root"-Directories 
from my VH's.

If now someone connects to http://sub.domain.com instead of using ssl, I 
made a RewriteRule on the default VH:80:
       RewriteEngine On
       RewriteCond %{HTTPS} !on
       RewriteRule ^/(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R]

And so, everyone is automatically forwarded from http to https and the 
right subdomain and request uri.

Additionally I had to add "NameVirtualHost *:443" (thanks to 
johns_[at]_msli.com from this ML).

Now everything works for my purposes :)


Boyle Owen wrote:
-----Original Message-----
From: pat [mailto:[EMAIL PROTECTED] 
Sent: Wednesday, February 20, 2008 9:15 AM
To: users@httpd.apache.org
Subject: Re: [EMAIL PROTECTED] httpd2 vhost & ssl configuration problem

I searched my config files for that line, but there was 
obviously none. 
I added it to the default_ssl_vhost.conf after "Listen 443".
If I know connect to https:443 it works correctly and the 
right content 
is shown :)
But if I connect to http:80 is shows the default 
DocumentRoot. Can you 
give me an advice, how to achieve http:80 forwarding to https:443?
    

What are you actually trying to achieve? Is it to have only an HTTPS
site so that https://mysite/ loads your preferred docroot and
http://mysite/ redirects to that also?

If so, all you need is 

<vh:80>
        RedirectMatch ^(.*)$ https://mysite/$1
</vh>

<vh:443>
        DocumentRoot /my/favourite/docroot
</vh>


If not, please explain what your required end-result is...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

  
[EMAIL PROTECTED] wrote:
    
Do you have a line like this outside your virtual host scope
NameVirtualHost *:443

On Wed, 2008-02-20 at 08:09 +1300, PingBad wrote:
  
      
On Wednesday 20 February 2008 00:10, pat wrote:

    
        
Hello
      
I have a problem with the apache2 configuration if I want 
          
to combine
    
      
vhost and ssl settings.
      
My apache opts: APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE
      
          
-D

    
        
SSL -D SSL_DEFAULT_VHOST -D PHP5 -D PERL -D PYTHON -D SUEXEC"
      
This is my vhost config:
      
<IfDefine SSL_DEFAULT_VHOST>
      
<IfModule ssl_module>
      
<VirtualHost *:80>
      
ServerName host.company.com
      
DirectoryIndex index.php index.html
      
DocumentRoot "/var/www/localhost/htdocs/host-company-com"
      
ServerAlias host.company.com *.host.company.com
      
ErrorLog /var/log/apache2/vhosts/error_log
      
CustomLog /var/log/apache2/vhosts/access_log common
      
<Directory "/var/www/localhost/htdocs/host-company-com">
      
SSLRequireSSL
      
Options Indexes FollowSymLinks
      
AllowOverride None
      
Order allow,deny
      
Allow from all
      
</Directory>
      
</VirtualHost>
      
Now my problem is that if I connect to 
          
http://host.company.com works
    
      
(the content from /var/www/localhost/htdocs/host-company-com is
      
          
shown),

    
        
but if I connect to https://host.company.com it doesn't work
      
          
correctly

    
        
and the content from /var/www/localhost/htdocs/ (default
      
          
DocumentRoot)

    
        
is shown.
      
Why? I want to have ssl support for my vhost 
          
"host.company.com" but
    
      
apache forwards to the wrong DocumentRoot.
      
Does anyone have an idea, what the problem is?
      
Thank you and best regards,
      
pat
      
          
---------------------------------------------------------------------
    
    
        
The official User-To-User support forum of the Apache HTTP Server
      
          
Project.

    
        
See <URL:http://httpd.apache.org/userslist.html> for more info.
      
To unsubscribe, e-mail: [EMAIL PROTECTED]
      
" from the digest: [EMAIL PROTECTED]
      
For additional commands, e-mail: [EMAIL PROTECTED]
      
          
Did you setup a VirtualHost for port 443?

<VirtualHost *:443>

ServerName host.company.com

DirectoryIndex index.php index.html

DocumentRoot "/var/www/localhost/htdocs/host-company-com"

ServerAlias host.company.com *.host.company.com

ErrorLog /var/log/apache2/vhosts/error_log

CustomLog /var/log/apache2/vhosts/access_log common

<Directory "/var/www/localhost/htdocs/host-company-com">

SSLRequireSSL

Options Indexes FollowSymLinks

AllowOverride None

Order allow,deny

Allow from all

</Directory>

</VirtualHost>

HTTP and HTTPS use 2 different ports.

--

PingBad,

IRC Fanatic

    
        
CONFIDENTIALITY NOTICE:  This electronic mail message and 
      
any attachment hereto may contain confidential information of 
Meyer Sound Laboratories, Incorporated and is intended for 
the personal and confidential use of the designated 
recipient(s) only.  If you are not the intended recipient (or 
responsible for delivering the message to the intended 
recipient), you have received this message in error and any 
review, distribution, or copying of this message or any 
attachment hereto is prohibited.  If you have received this 
message in error, please promptly notify the sender and 
permanently delete it from your computer.
    
      
---------------------------------------------------------------------
    
The official User-To-User support forum of the Apache HTTP 
      
Server Project.
    
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

  
      
--
Patrick Grieshaber
http://www.ng-lab.org
[EMAIL PROTECTED]
[EMAIL PROTECTED]


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP 
Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

    
 
 
This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. The sender's company reserves the right to monitor all e-mail communications through their networks.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
   "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


  


--
Patrick Grieshaber
http://www.ng-lab.org
[EMAIL PROTECTED]
[EMAIL PROTECTED]


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]