Re: Problem with NameVirtualHost and VirtualHost

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Owen!

On Nov 21, 2007 4:59 PM, Boyle Owen <Owen.Boyle@xxxxxxx> wrote:
>
> That's about right... You didn't (mercifully :-) show us your complete config,
>
well, if u need some reading-stuff. I'll send them to ypu right away
or, if you prefer, post 'em here on the list ;)

> but I'm guessing you just used ServerAlias directives instead of ServerName.

absolutely correct

> As far as VH resolution is concerned, they are equivalent. You might get problems with redirect and self-referential URLs, however.

ehem?

Could you specify what you mean by this?

What I did to every vhost is, that I specified a vhost on port80 and
one on 443.
When coming in through port 80, then a small rule via mod_rewrite
redirects the request to port 443, and this also works like charm.

Here's the rule:

RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1

> It is true that if you don't care about browser warnings, or that the session is encrypted using the cert from the first VH only, then name-based VHing under SSL will *seem* to work. It's fine for a test environment but this is no solution for the real world (would you type your credit card number into a website that seemed to be called nice-shop.com but your browser was complaining that the certificate was registered to evil-crook.com?)
>

I absolutely agree with you on that one. However, it's just a
test-server for internal development mirroring the production-server's
environment, and the struggle with our network-admins allowing us
additional IPs for that server is something I'd rather avoid ;)

Cheers!

Gregor
-- 
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A84FA526807026795E4209D3B3FE028B3170B2
gpgp-key available @ http://pgpkeys.pca.dfn.de:11371

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux