On Tue, Jan 20, 2009 at 09:55:03PM +0100, Miguel Angel Tormo Alfaro wrote:
> El Martes, 20 de Enero de 2009 21:21:37 Brian Mearns escribió:
> > On Tue, Jan 20, 2009 at 3:17 PM, John Oliver <joli...@john-oliver.net>
> > wrote:
> > > If it would turn out to be easier to do this another way, that's fine.
> > > But I remember it as always having been a no-no to even try to get SSL
> > > working with VirtualHosts.
> > >
> >
> > Not at all, it's really just name based vhosts that cause problems for
> > SSL, because only one host gets picked to present the certificate,
> > which means all the hosts have to use the same certificate. However,
> > as far as I understand, if you use ip-address or port-based vhosts,
> > then this shouldn't be a problem. Apache can easily find the correct
> > vhost if it's only base on ip address and port number, it's just that
> > it can't try to find a name-based vhost until the SSL decryption has
> > occured.
> >
> True. You can even use NameVirtualHosts with SSL (TLS) with apache 2.2, but
> few browsers support the SNI extension to the TLS protocol as of today.
> So, you can certainly get this to work as you have one IP per VirtualHost, it
> should be quite straightforward.
>
> I'm not familiar with the RHEL init scripts. However, looking at yours it
> seems to me that you need to change more things if you want to get those two
> instances work independently. For instance, you should also change your
> httpd.conf to set the new PidFile to /var/run/httpd2.pid
I have done so.
> You should read the /etc/rc.d/init.d/functions file to understand better what
> this script is really doing (like those killproc functions that would likely
> kill both instances when you try to stop just one).
Why, when each instance has it's own pidfile?
I have read through the functions for more clues, but an awful lot of it
looks like a money banging on a keyboard :-)
> As for the httpd=${HTTPD-/usr/sbin/httpd}, it means that httpd is set to
> whatever $HTTPD is and if it is not set, take /usr/sbin/httpd. I guess HTTPD
> if set anywhere, that place would be /etc/sysconfig/httpd2.
Well, I should be able to leave that, as /usr/sbin/httpd is what I
want... unless it's impossible for httpd to run two instances each with
it's own pid file, but that doesn't make sense.
> In conclusion, I would go for the virtualhost solution, too much hassle
> otherwise.
Except I lose the ability to stop / start / restart just one site.
If I absolutely have to, I will go that way, but I'm trying to keep
these sites completely separate. That shouldn't be impossible. Back in
the day, I remember machines running dozens of instances of Apache, each
with their own config file, and all could be started, stopped, or broken
beyond all belief completely independantly of each other. I just can't
credit the idea that the Apache developers went out of their way to
break this functionality in newer releases.
--
***********************************************************************
* John Oliver http://www.john-oliver.net/ *
* *
***********************************************************************
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
