El Martes, 20 de Enero de 2009 21:21:37 Brian Mearns escribió:
> On Tue, Jan 20, 2009 at 3:17 PM, John Oliver <joli...@john-oliver.net> wrote:
> > If it would turn out to be easier to do this another way, that's fine.
> > But I remember it as always having been a no-no to even try to get SSL
> > working with VirtualHosts.
> >
>
> Not at all, it's really just name based vhosts that cause problems for
> SSL, because only one host gets picked to present the certificate,
> which means all the hosts have to use the same certificate. However,
> as far as I understand, if you use ip-address or port-based vhosts,
> then this shouldn't be a problem. Apache can easily find the correct
> vhost if it's only base on ip address and port number, it's just that
> it can't try to find a name-based vhost until the SSL decryption has
> occured.
>
True. You can even use NameVirtualHosts with SSL (TLS) with apache 2.2, but
few browsers support the SNI extension to the TLS protocol as of today.
So, you can certainly get this to work as you have one IP per VirtualHost, it
should be quite straightforward.
I'm not familiar with the RHEL init scripts. However, looking at yours it seems
to me that you need to change more things if you want to get those two
instances work independently. For instance, you should also change your
httpd.conf to set the new PidFile to /var/run/httpd2.pid. You should read the
/etc/rc.d/init.d/functions file to understand better what this script is really
doing (like those killproc functions that would likely kill both instances when
you try to stop just one).
As for the httpd=${HTTPD-/usr/sbin/httpd}, it means that httpd is set to
whatever $HTTPD is and if it is not set, take /usr/sbin/httpd. I guess HTTPD if
set anywhere, that place would be /etc/sysconfig/httpd2.
In conclusion, I would go for the virtualhost solution, too much hassle
otherwise.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
