Re: if statement and ssl directives (apache 2.4)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,

Well it depends who's editing the file. Some people are used to modify just the first block and ignore the following. You know what I mean ;-)
This is the reason why I'm trying to turn these Apache configuration "nginx way". Less blocks, less lines, less mistakes made.

Adam.

On 12/06/2017 10:56 AM, Gillis J. de Nijs wrote:
Hi Adam,

Simplest, in my opnion, is simplest to read and parse for a human.

What's wrong with:

## One VirtualHost that does everything
<VirtualHost *:443>
    ServerName www.comptoir-hardware.com

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/comptoir-hardware.com.crt
    SSLCertificateKeyFile /etc/ssl/private/comptoir-hardware.com.key
    SSLCACertificateFile  /etc/ssl/certs/comptoir-hardware.com.ca

    DocumentRoot ...
</VirtualHost>

## Redirect to main VirtualHost
<VirtualHost *:443>
    ServerName new.comptoir-hardware.com
    ServerAlias comptoir-hardware.com
    ServerAlias comptoir.co
    ServerAlias www.comptoir.co

    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/comptoir-hardware.com.crt
    SSLCertificateKeyFile /etc/ssl/private/comptoir-hardware.com.key
    SSLCACertificateFile  /etc/ssl/certs/comptoir-hardware.com.ca

</VirtualHost>

## Redirect http to https main VirtualHost
<VirtualHost *:80>
    ServerName www.comptoir-hardware.com
    ServerAlias new.comptoir-hardware.com
    ServerAlias comptoir-hardware.com
    ServerAlias comptoir.co
    ServerAlias www.comptoir.co

</VirtualHost>

Cheers,
Gillis

On Wed, Dec 6, 2017 at 10:10 AM, Adam Cecile <acecile@xxxxxxxxxxx> wrote:
Hi,

I'm trying to achieve a simplier vhost configuration using if statements but httpd refuses to start when I put SSL related directive inside the if block:


<VirtualHost *:80 *:443>
  ServerName www.comptoir-hardware.com
  ServerAlias www.comptoir-hardware.com
  ServerAlias new.comptoir-hardware.com
  ServerAlias comptoir.co
  ServerAlias www.comptoir.co

  <If "req('Port') == '443'">
    SSLEngine on
    SSLCertificateFile /etc/ssl/certs/comptoir-hardware.com.crt
    SSLCertificateKeyFile /etc/ssl/private/comptoir-hardware.com.key
    SSLCACertificateFile  /etc/ssl/certs/comptoir-hardware.com.ca
  </If>

  <If "req('Host') != 'www.comptoir-harware.com'">
    RedirectMatch (.*) http://www.comptoir-hardware.com$1
  </If>

</VirtualHost>


Can you confirm there's a way to do what I want ? Can you see what's wrong ?

Thanks in advance,


Adam.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux