Re: NameVirtualHost fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Paul,

Not sure how your example helps with the OP issue at all.

On Wed, 6 Jul 2022 at 06:40, Paul Kudla (SCOM.CA Internet Services Inc.) <paul@xxxxxxx> wrote:

this is how my ssl, vhosts, redirects are setup maybe this will help

note any ssl website name MUST equal a valid certificate or you will get
a cert mismatch error !!

granted there are several cert authorities (free ssl etc) i have found
its just easier to get a resale account (lots of providers opensrs,
certigo, thwarte etc etc) and pay the 10.00 per cert.

cert would be ok for www.xxx.com xnd xxx.com (aka you typically only
need one certificate per site.)

not pushing any provider, just saying letsencrypt etc does not always
work reliabily or speed issues....



<VirtualHost *:80>
ServerName bedrockconstruction.ca
ServerAlias bedrockconstruction.ca
ServerAlias www.bedrockconstruction.ca
Redirect permanent / https://bedrockconstruction.ca/
</VirtualHost>

<VirtualHost *:443>
ServerName bedrockconstruction.ca
ServerAlias bedrockconstruction.ca
ServerAlias www.bedrockconstruction.ca
DocumentRoot /www/bedrockconstruction.ca

SSLEngine on
SSLProtocol all
SSLCertificateFile
/www/bedrockconstruction.ca/ssl/bedrockconstruction.ca.crt
SSLCertificateKeyFile
/www/bedrockconstruction.ca/ssl/bedrockconstruction.ca.key
SSLCertificateChainFile
/www/bedrockconstruction.ca/ssl/bedrockconstruction.ca.chain


SuexecUserGroup www www

<Directory "/www/bedrockconstruction.ca/wp-content/uploads/">
<Files "*.php">
Order Deny,Allow
Deny from All
</Files>
</Directory>

<Directory /www/bedrockconstruction.ca>
php_admin_value open_basedir /www/bedrockconstruction.ca:/var/log/
</Directory>

<Directory /www/bedrockconstruction.ca>
php_admin_value sys_temp_dir /www/bedrockconstruction.ca/tmp/
</Directory>

<Directory /www/bedrockconstruction.ca>
php_admin_value session.save_path /www/bedrockconstruction.ca/tmp/
</Directory>

<Directory /www/bedrockconstruction.ca>
php_admin_value soap.wsdl_cache_dir /www/bedrockconstruction.ca/tmp/
</Directory>

<Directory /www/bedrockconstruction.ca>
php_admin_value upload_tmp_dir /www/bedrockconstruction.ca/tmp
</Directory>

<Directory "/www/bedrockconstruction.ca">
AllowOverride All
php_value session.save_path "/www/bedrockconstruction.ca/"
</Directory>

</VirtualHost>



Happy Wednesday !!!
Thanks - paul

Paul Kudla


Scom.ca Internet Services <http://www.scom.ca>
004-1009 Byron Street South
Whitby, Ontario - Canada
L1N 4S3

Toronto 416.642.7266
Main 1.866.411.7266
Fax 1.888.892.7266
Email paul@xxxxxxx

On 7/5/2022 5:38 PM, scom.ca@xxxxxxxxxxxxxxxx wrote:
> I've tried several variations but basically the error message is that
> the certificate and the key for example2.com
> <http://example2.com/> don't match. I thought I had set up the
> certificate with the proper keys so something must be screwed up  with
> the certificate. I'm working on that.
>
> Jack
>
>> On 2 Jul 2022, at 1:21, Frank Gingras <thumbs@xxxxxxxxxx
>> <mailto:thumbs@xxxxxxxxxx>> wrote:
>>
>> What does the error log say, exactly? Note that TLS failures can be
>> almost silent in the logs, so if a single vhost causes the startup
>> error, then check the certificate.
>>
>> On Fri, 1 Jul 2022 at 17:24, jnilles@xxxxxxxx
>> <mailto:jnilles@xxxxxxxx> <jnilles@xxxxxxxx <mailto:jnilles@xxxxxxxx>>
>> wrote:
>>
>>     Here's an example version of my vhosts.conf file:
>>
>>     # http redirect
>>     <VirtualHost *:80>
>>      ServerName central.com <http://central.com/>
>>      ServerAlias www.example1.com <http://www.example1.com/>
>>     *.example1.com <http://example1.com/>
>>      Redirect / https://www.example1.com/ <https://www.example1.com/>
>>      ErrorLog /var/log/apache2/example1.com
>>     <http://example1.com/>-error80_log
>>      CustomLog /var/log/apache2/example1.com
>>     <http://example1.com/>-access80_log combined
>>     </VirtualHost>
>>
>>     <Virtualhost *:80>
>>      ServerName example2.com <http://example2.com/>
>>      ServerAlias www.example2.com <http://www.example2.com/>
>>     *.example2.com <http://example2.com/>
>>      Redirect / https://www.example2.com/ <https://www.example2.com/>
>>      ErrorLog /var/log/apache2/example2.com
>>     <http://example2.com/>-error80_log
>>      CustomLog /var/log/apache2/example2.com
>>     <http://example2.com/>-access80_log combined
>>     </VirtualHost>
>>
>>     # https version
>>     <VirtualHost *:443>
>>      ServerAdmin webmaster@xxxxxxxxxxx <mailto:webmaster@xxxxxxxxxxx>
>>      ServerName example1.com <http://example1.com/>
>>      ServerAlias www.example1.com <http://www.example1.com/>
>>     *.example1.com <http://example1.com/>
>>      DocumentRoot "/home/data/hqwww/htdocs"
>>      SSLEngine on
>>      SSLProtocol all -SSLv2
>>      SSLCertificateFile /etc/apache2/ssl.crt/example.crt
>>      SSLCertificateKeyFile /etc/apache2/ssl.key/www.example1.com.key
>>     <http://www.example1.com.key/>
>>      SSLCertificateChainFile /etc/apache2/ssl.crt/example1.ca
>>     <http://example1.ca/>-bundle
>>      RewriteEngine On
>>      RewriteOptions Inherit
>>
>>
>>      <Directory "/home/data/example1/htdocs">
>>       AllowOverride None
>>       Options FollowSymlinks
>>       Require all granted
>>      </Directory>
>>
>>
>>       AccessFileName .htaccess
>>
>>      ErrorLog /var/log/apache2/example1.com
>>     <http://example1.com/>-error_log
>>      CustomLog /var/log/apache2/example1.com
>>     <http://example1.com/>-access_log combined
>>
>>
>>       Include /etc/apache2/conf.d/*.conf
>>     </VirtualHost>
>>
>>
>>     <VirtualHost *:443>
>>       ServerAdmin webmaster@xxxxxxxxxxx <mailto:webmaster@xxxxxxxxxxx>
>>       ServerName example2.com <http://example2.com/>
>>       ServerAlias www.example2.com <http://www.example2.com/>
>>     *.example2.com <http://example2.com/>
>>       DocumentRoot "/home/data/jmnwww/htdocs"
>>       SSLEngine on
>>       SSLProtocol all -SSLv2
>>       SSLCertificateFile /etc/apache2/ssl.crt/example2.crt
>>       SSLCertificateKeyFile /etc/apache2/ssl.key/www.example2.com.key
>>     <http://www.example2.com.key/>
>>       SSLCertificateChainFile /etc/apache2/ssl.crt/example2.ca
>>     <http://example2.ca/>-bundle
>>       RewriteEngine On
>>       RewriteOptions Inherit
>>
>>      <Directory "/home/data/example2/htdocs">
>>     ##  To make the site work with pretty permalinks use the next 2
>>     uncommented lines.
>>     ##  Otherwise use 'Options None' and 'AllowOverride None'
>>       AllowOverride all
>>       Options FollowSymlinks
>>       Require all granted
>>      </Directory>
>>
>>       AccessFileName .htaccess
>>
>>      ErrorLog /var/log/apache2/example2.com
>>     <http://example2.com/>-error_log
>>      CustomLog /var/log/apache2/example2.com
>>     <http://example2.com/>-access_log combined
>>
>>         Include /etc/apache2/conf.d/*.conf
>>     </VirtualHost>
>>
>>     If I drop the second host (example2), leaving just example1 it
>>     works; with both hosts apache crashes on restart. Here is  the
>>     failure message output for that case.
>>
>>      systemctl status apache2.service
>>     *●*apache2.service - The Apache Webserver
>>          Loaded: loaded (/usr/lib/systemd/system/apache2.service;
>>     enabled; vendor preset: disabled)
>>          Active: *failed*(Result: exit-code) since Fri 2022-07-01
>>     14:12:39 PDT; 6min ago
>>         Process: 29193 ExecStart=/usr/sbin/start_apache2 -DSYSTEMD
>>     -DFOREGROUND -k start *(code=exited, status=1/*>
>>        Main PID: 29193 (code=exited, status=1/FAILURE)
>>          Status: "Reading configuration..."
>>
>>     Jul 01 14:12:39 donner systemd[1]: Starting The Apache Webserver...
>>     Jul 01 14:12:39 donner start_apache2[29193]: AH00548:
>>     NameVirtualHost has no effect and will be removed in t>
>>     Jul 01 14:12:39 donner systemd[1]: *apache2.service: Main process
>>     exited, code=exited, status=1/FAILURE*
>>     Jul 01 14:12:39 donner systemd[1]: *apache2.service: Failed with
>>     result 'exit-code'.*
>>     Jul 01 14:12:39 donner systemd[1]: *Failed to start The Apache
>>     Webserver.*
>>
>>
>>>     On 30 Jun 2022, at 16:24, Frank Gingras <thumbs@xxxxxxxxxx
>>>     <mailto:thumbs@xxxxxxxxxx>> wrote:
>>>
>>>     That is one assumption, sure. Best to have the user run apachectl
>>>     -S to confirm. For all we know, they could have defined invalid
>>>     vhosts.
>>>
>>>     On Thu, 30 Jun 2022 at 16:54, <freebsd@xxxxxxxxxxxx
>>>     <mailto:freebsd@xxxxxxxxxxxx>> wrote:
>>>
>>>         You are missing something called virtual hosts. You are
>>>         allowed one host but you can have many virtual hosts.
>>>         Secondly, you should be using Leap 15.4, it sounds like you
>>>         are out of date, sorry to say.____
>>>
>>>         __ __
>>>
>>>         If you go to your httpd.conf file then you will notice that
>>>         there is  a enable virtual hosts #include virtual hosts.conf
>>>         httpd-vhosts.conf so uncomment it remove the #____
>>>
>>>         __ __
>>>
>>>         *De :* jnilles@xxxxxxxx <mailto:jnilles@xxxxxxxx>
>>>         <jnilles@xxxxxxxx <mailto:jnilles@xxxxxxxx>>
>>>         *Envoyé :* jeudi 30 juin 2022 16:28
>>>         *À :* users@xxxxxxxxxxxxxxxx <mailto:users@xxxxxxxxxxxxxxxx>
>>>         *Objet :* NameVirtualHost fails____
>>>
>>>         __ __
>>>
>>>         I'm using SUSE Leap 15.3 and apache2. I'm trying to get SSL
>>>         to  work on two hosts with the same IP address. My
>>>         vhosts.config is set for the two hosts but only one actually
>>>         runs. When I run systemctl status apache2.service  I get a
>>>         message that NameVirtualHost has no effect and will be
>>>         removed. So the configuration only works if I have just one
>>>         host.____
>>>
>>>         __ __
>>>
>>>         What key detail am I missing in the network configuration?____
>>>
>>>         __ __
>>>
>>>         Thanks,____
>>>
>>>         __ __
>>>
>>>         Jack Nilles____
>>>
>>>         __ __
>>>
>>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by *MailScanner* <http://www.mailscanner.info/>, and is
> believed to be clean.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux