pat wrote:
PingBad wrote:
On Wednesday 20 February 2008 00:10, pat wrote:
> Hello
>
> I have a problem with the apache2 configuration if I want to combine
> vhost and ssl settings.
> My apache opts: APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE -D
> SSL -D SSL_DEFAULT_VHOST -D PHP5 -D PERL -D PYTHON -D SUEXEC"
>
> This is my vhost config:
> <IfDefine SSL_DEFAULT_VHOST>
> <IfModule ssl_module>
> <VirtualHost *:80>
>
> ServerName host.company.com
>
> DirectoryIndex index.php index.html
> DocumentRoot "/var/www/localhost/htdocs/host-company-com"
> ServerAlias host.company.com *.host.company.com
> ErrorLog /var/log/apache2/vhosts/error_log
> CustomLog /var/log/apache2/vhosts/access_log common
>
> <Directory "/var/www/localhost/htdocs/host-company-com">
> SSLRequireSSL
> Options Indexes FollowSymLinks
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
> </VirtualHost>
>
> Now my problem is that if I connect to http://host.company.com works
> (the content from /var/www/localhost/htdocs/host-company-com is shown),
> but if I connect to https://host.company.com it doesn't work correctly
> and the content from /var/www/localhost/htdocs/ (default DocumentRoot)
> is shown.
> Why? I want to have ssl support for my vhost "host.company.com" but
> apache forwards to the wrong DocumentRoot.
> Does anyone have an idea, what the problem is?
>
> Thank you and best regards,
> pat
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> " from the digest: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
Did you setup a VirtualHost for port 443?
<VirtualHost *:443>
ServerName host.company.com
DirectoryIndex index.php index.html
DocumentRoot "/var/www/localhost/htdocs/host-company-com"
ServerAlias host.company.com *.host.company.com
ErrorLog /var/log/apache2/vhosts/error_log
CustomLog /var/log/apache2/vhosts/access_log common
<Directory "/var/www/localhost/htdocs/host-company-com">
SSLRequireSSL
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>
HTTP and HTTPS use 2 different ports.
--
PingBad,
IRC Fanatic
Hi PingBad
Yes. there is the "default_ssl_vhost" configured for that:
isten 443
<VirtualHost _default_:443>
ServerName company.com
Include /etc/apache2/vhosts.d/default_vhost.include
ErrorLog /var/log/apache2/ssl_error_log
...
</VirtualHost>
But I followed your advice anyway and changed the port in the current
discussed config to 443. Here's the output:
/etc/init.d/apache2 reload
* Gracefully restarting apache2 ...
apache2: Could not reliably determine the server's fully qualified
domain name, using 127.0.0.1 for ServerName
[Wed Feb 20 02:48:02 2008] [warn] _default_ VirtualHost overlap on port
443, the first has precedence [ ok ]
Now it has a different behavior: If I know connect to http:80 or
https:443, it always shows me the content of the default DocumentRoot
/var/www/localhost/htdocs/ instead of
/var/www/localhost/htdocs/host-company-com.
A bit late in replying and not sure if you have solved your issues. Here
is the way I set up my server. This works for me, also make sure you
emerge apache with SNI support if you want to have different SSL
certificates.
Gentoo, apache 2.2.8
# vim /etc/conf.d/apache2
APACHE2_OPTS="-D DEFAULT_VHOST -D SSL -D SSL_DEFAULT_VHOST -D PROXY ..."
# vim /etc/apache2/vhosts.d/00_default_vhost.conf
...
Listen 80
NameVirtualHost *:80
<VirtualHost _default_:80>
ServerName localhost
Include /etc/apache2/vhosts.d/default_vhost.include
<IfModule mpm_peruser_module>
ServerEnvironment apache apache
</IfModule>
</VirtualHost>
...
# vim /etc/apache2/vhosts.d/00_default_ssl_vhost.conf
Listen 443
NameVirtualHost *:443
<VirtualHost *:443>
ServerName localhost
Include /etc/apache2/vhosts.d/default_vhost.include
...
SSLCertificateFile /etc/apache2/ssl/server_cert.pem
SSLCertificateKeyFile /etc/apache2/ssl/server_privatekey.pem
SSLCACertificateFile /etc/apache2/ssl/ca-bundle.crt
...
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCipherSuite AL
SSLCertificateFile /etc/apache2/ssl/domain2.crt
SSLCertificateKeyFile /etc/apache2/ssl/domain2.key
SSLCertificateChainFile /etc/apache2/ssl/domain2.ca-bundle
ServerName domain2:443
...
</VirtualHost>
etc...
#Here we configure domain2 to redirect to https when accessed.
#vim vim /etc/apache2/vhosts.d/domain2.conf
<VirtualHost *:80>
ServerName domain2
DocumentRoot "/var/www/domain2/htdocs/"
RewriteEngine on
RewriteCond %{SERVER_PORT} !^443$
RewriteRule ^/cgi-bin/git.cgi
https://%{SERVER_NAME}/cgi-bin/git.cgi$1 [L,R]
<Directory "/var/www/domain2/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from xxx.xxx.xxx.xxx
</Directory>
</VirtualHost>
Hope this helps
--
Norman
%>>> "".join( [ {'*':'@','^':'.'}.get(c,None) or chr(97+(ord(c)-83)%26)
for c in ",adym,*)&uzq^zqf" ] )
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]