Hi, I am using apache 2.2.2 and I am running multiple sites on SSL. It works fine. <VirtualHost 192.168.1.3:443> # General setup for the virtual host DocumentRoot "/www/docs/site1" ServerName site1.mydomain.com ServerAdmin admin@xxxxxxxxxxxx ErrorLog /opt/apache2.2/logs/error_log TransferLog /opt/apache2.2/logs/access_log SSLEngine on SSLCertificateFile /opt/apache2.2/sslkeys/server.crt SSLCertificateKeyFile /opt/apache2.2/sslkeys/server.key BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog /opt/apache2.2/logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> <VirtualHost 192.168.1.3:443> # General setup for the virtual host DocumentRoot "/www/docs/site2" ServerName site2.mydomain.com ServerAdmin admin@xxxxxxxxxxxx ErrorLog /opt/apache2.2/logs/error_log TransferLog /opt/apache2.2/logs/access_log SSLEngine on SSLCertificateFile /opt/apache2.2/sslkeys/server1.crt SSLCertificateKeyFile /opt/apache2.2/sslkeys/server.key BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 CustomLog /opt/apache2.2/logs/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> You will not all the directives of the above configuration. Let me know the result. Thanks, Om. omprakash@xxxxxxxxxxxx +91 9866 666460 Brian Rectanus wrote:
On 5/26/06, Shai <shaibn@xxxxxxxxx> wrote:On 5/26/06, Brian Rectanus <brectanu@xxxxxxxxx> wrote: > On 5/25/06, Shai <shaibn@xxxxxxxxx> wrote: > > Hi, > > > > Since I'm a home user and I only have 1 IP but I still want to make > > access to my SSL secured sites, I decided I can't use vhosts since > > those either need to configure different ports or separate IP per > > vhost. > > > > So what I want to use now are aliases like: > > > > https://mydomain.com/webmail > > and > > https://mydomain.com/admin > > > > etc etc ... > > > > That said, I still want to have separate logs per site. Can that be > > done? If yes, how? > > > > Thanks in advance, > > Shai > > > > Couple of different ways: > > 1) Set env vars for different 'sites' > > SetEnvIf Request_URI ^/webmail site-webmail > SetEnvIf Request_URI ^/admin site-admin > CustomLog webmail-access_log common env=site-webmail > CustomLog admin-access_log common env=site-admin > > 2) Reverse proxy to vhost on localhost port > > Listen 443 > <VirtualHost *:443> > ... > ProxyPass /webmail/ http://localhost:8443/ > ProxyPass /admin/ http://localhost:9443/ > ProxyPassReverse /webmail/ http://localhost:8443/ > ProxyPassReverse /admin/ http://localhost:9443/ > </VirtualHost> > > Listen localhost:8443 > <VirtualHost *:8443> > ... > </VirtualHost> > > Listen localhost:9443 > <VirtualHost *:9443> > ... > </VirtualHost> > > Well, there is two ways at least. > > -B Brian, Thanks for your quick response :) I just don't understand exactly why you placed those 3 dots here: <VirtualHost *:443> ... What exactly did you imply i should place in this vhost directive? Also, I think that in the other two vhosts you want me to put the same info I have today in my vhosts? Thanks for your help, ShaiActually, I was a bit tired when I wrote that ;) So, change 8443 => 8001, 9443 => 8002 (they were not intended to be SSL) You would setup the 443 virtual host to minimally serve mydomain.com SSL with minimal logging, but put the handlers for webmail and admin in the 8001 and 8002 virtual hosts. The actual handling is done in the 8001/8002 with 443 deciding which of those to call. You might also want a non-ssl *:80 virtual host with a redirect to SSL (if you want to force SSL always): <VirtualHost *:80> ServerName mydomain.com ... RewriteEngine On RewriteRule ^/(.*) https://mydomain.com/$1 [R,L] </VirtualHost> The '...' being anything else you need (logging maybe), but not required. Also, if you have problems with the /webmail and /admin prefixes messing things up (being stripped off), then setup the 8001/8002 vhosts with them and add the prefix onto the right hand side of the ProxyPass[Reverse] lines (ProxyPass /webmail https://localhost/webmail, etc.). Does that make more sense? This is just a reverse proxy setup (see http://httpd.apache.org/docs/2.2/mod/mod_proxy.html for more details and syntax) ---------------------------------------------------------------------The official User-To-User support forum of the Apache HTTP Server Project.See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx