Duane,
Thanks for responding to my post. The error message I get from using the
NameVirgualHost command is:
[Sat Jun 05 15:38:49 2010] [warn] NameVirtualHost 192.168.0.93:80 has no
VirtualHosts
Here is a copy and paste right out of my httpd.conf
Listen 192.168.0.93:80
Listen 192.168.0.200:80
NameVirtualHost 192.168.0.93:80
I had in each virtual host configured with the IP address when I received that
error. When I tried your example using the fqdn in the <VirtualHost fqdn.com>
container, I mulitple errors like this:
[Sat Jun 05 15:51:21 2010] [warn] VirtualHost fqdn1.com:80 overlaps with
VirtualHost fqdn2.com:80, the first has precedence, perhaps you need a
NameVirtualHost directive
This is repeated for every name-based virtual host I have until I added the
fqdns to /etc/hosts. However, I still get the error message about
NameVirtualHost 192.168.0.93 has no Virtual Hosts
Concerning your suggestion for the wild card certificate, I see there is a
multi-domain certificate offered that seems like just what I need. I wonder
how I configure my SSLCertificateFile and SSLCertificateKeyFile directives. Do
I simply point these directives to the same files within the different ip-based
virtual hosts? Something like this:
<VirtualHost 192.168.0.200:443>
SSLCertificateFile "/files/server.crt"
SSLCertificateKeyFile "/files/server.key"
</VirtualHost>
<VirtualHost 192.168.0.201:443>
SSLCertificateFile "/files/server.crt"
SSLCertificateKeyFile "/files/server.key"
</VirtualHost>
<VirtualHost 192.168.0.202:443>
SSLCertificateFile "/files/server.crt"
SSLCertificateKeyFile "/files/server.key"
</VirtualHost>
-----Original Message-----
From: "Duane Winner" [du...@duanewinner.net]
Date: 06/04/2010 03:23 PM
To: users@httpd.apache.org
Subject: Re: [us...@httpd] NameVirtualHost Directive - - - - Multiple SSL
virtual hosts
On Fri, Jun 4, 2010 at 6:10 PM, Jeff Shearer <j...@shearer-family.org> wrote:
I have an Apache 2.2 server sitting on a box with one physical address and
multiple virtual addresses. The physical address servers my name-based virtual
hosts where as the virtual addresses server ip-based virtual hosts. I read
about the NameVirtualHost directive and tried to implement it but it seems it
does nothing but cause error messages. I tried to put into the main server
config near my listen directives and received an error that there was no
virtual host despite the fact that there are more than one virtual host.
I also tried to put it just before each of the virtual host directives and
received errors.
Is this directive needed, everything seems to work fine with out it.
What are the error messages?
For your physical address serving your virtual hosts you should have:
Listen your-physical-ip:80
Listen your-physical-ip:443
NameVirtualHost your-physical-ip7:80
NameVirtualHost your physical-ip:443
...
Then for each virtual host served by physical IP, all you need is:
<VirtualHost virtual.host.fqdn:80>
ServerName virtual.host.fqdn
...
</VirtualHost>
<VirtualHost virtual.host.fqdn:443>
ServerName virtual.host.fqdn
...
</VirtualHost>
Also, for each virtual host, youll need an entry in /etc/hosts:
your-physical-ip virtual.host.fqdn1
your-physical-ip virtual.host.fqdn2
etc.
In a related matter. I am having trouble implementing a second https server
one of virtual ip addresses. Both domains have permanent redirects to the
https port. However, the second ssl server does not even show up when I
conduct a port scan on its ip address. Yet both have the same SSL
configuration elements. I have compared the two configurations and I see
absolutely no difference except of course the SSL certificate and server key
targets.
When I disable the permanent redirect, I have not trouble getting to the domain
on port 80.
Is it possible to run 2 https servers using different virtual addresses on the
same physical server?
Yes -- its not recommended by apache, but its done.
The clients will either get warnings about the certificate being invalid, or
you can get a wildcard certificate if all your virtual ssl hosts use the same
domain name (box1.mydomain.com, box2.mydomain,com, box3.mydomain.com, etc.).
Apache still doesnt like this and will spit warnings, but it works.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
