What is the correct way to configure one DocumentRoot that is available both with and without SSL for requests to all hostnames

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This question is related to one I already posted to Canonical's Launchpad site for Ubuntu support: https://answers.launchpad.net/ubuntu/+source/apache2/+question/233966

We are using Apache 2.2.22 as provided with Ubuntu 12.04. We are hosting a website for another company. Our FQDN is something like site5.company.com. The other company also has their DNS pointing to our IP for their users, something like site.othercompany.com. Both are A records.

We would like to enable SSL but still be able to get to the server without SSL (same content served from both ports 80 and 443). We would like to use one SSL cert for all hostnames used to reach the server - so the server should be reachable from site5.company.com and site.othercompany.com, both using the same cert. We are okay with getting browser warnings when going to site5.company.com.

To be clear, we do not want to distinguish the request by hostname.  We don't care if the request is for site5.company.com, site.othercompany.com, or foo.bar.  All requests should get the same content.  The only thing we want to distinguish is the port.  The only difference should be that if the request is over port 443, then SSL should be enabled.  

So if I understand, I should not need name-based vhosts.  Using the _default_ wildcard, I shouldn't even need to use the ServerName directive in each vhost, although it may be recommended to avoid DNS lookups.  However, I would prefer if I did not have to duplicate the same configuration twice (ports 80 and 443) for all possible hostnames just to add more ServerName directives.  It seems like there should be a better way.

We have a configuration that seems to work for most clients (posted on Launchpad).  However, some are unable to connect over SSL.  It seems to be an issue specific to how SSL is implemented on Ubuntu 12.04.  I would like to clarify how this should correctly be configured.  

I can certainly provide more information if it is necessary, including configuration files.  I appreciate any help you can provide.

--
Anthony J. DeCusati
adecusati@xxxxxxxxx



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux