Re: httpd2 vhost & ssl configuration problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Okay my goal was to host different subdomains like: me.example.com and she.example.com. I thought I am able to provide the same cert for all subdomains (wildcard ssl cert). I hoped if someone connects to http://me.example.com is automatically by the me VH config "forwarded" to https://me.example.com. 

But this didn't work. I had a lot of different strange behaviors.

Now I made a little hack (which is okay for me).
I set up all the VH like <VirtualHost *:443> (changed the port from 80 to 443). Then I set the option SSLRequireSSL to all "Root"-Directories from my VH's.
If now someone connects to http://sub.domain.com instead of using ssl, I made a RewriteRule on the default VH:80: 
       RewriteEngine On
       RewriteCond %{HTTPS} !on
       RewriteRule ^/(.*) https://%{SERVER_NAME}%{REQUEST_URI} [R]
And so, everyone is automatically forwarded from http to https and the right subdomain and request uri.
Additionally I had to add "NameVirtualHost *:443" (thanks to johns_[at]_msli.com from this ML). 

Now everything works for my purposes :)


Boyle Owen wrote:

-----Original Message-----
From: pat [mailto:pat@xxxxxxxxxx] Sent: Wednesday, February 20, 2008 9:15 AM 
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  httpd2 vhost & ssl configuration problem
I searched my config files for that line, but there was obviously none. I added it to the default_ssl_vhost.conf after "Listen 443". If I know connect to https:443 it works correctly and the right content is shown :) But if I connect to http:80 is shows the default DocumentRoot. Can you give me an advice, how to achieve http:80 forwarding to https:443? 

What are you actually trying to achieve? Is it to have only an HTTPS
site so that https://mysite/ loads your preferred docroot and
http://mysite/ redirects to that also?
If so, all you need is 
<vh:80>
	RedirectMatch ^(.*)$ https://mysite/$1
</vh>

<vh:443>
	DocumentRoot /my/favourite/docroot
</vh>


If not, please explain what your required end-result is...

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 
johns@xxxxxxxx wrote:

Do you have a line like this outside your virtual host scope
NameVirtualHost *:443

On Wed, 2008-02-20 at 08:09 +1300, PingBad wrote:

On Wednesday 20 February 2008 00:10, pat wrote:


Hello
I have a problem with the apache2 configuration if I want 
to combine
vhost and ssl settings. My apache opts: APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE 
-D


SSL -D SSL_DEFAULT_VHOST -D PHP5 -D PERL -D PYTHON -D SUEXEC"
This is my vhost config: <IfDefine SSL_DEFAULT_VHOST> <IfModule ssl_module> <VirtualHost *:80> ServerName host.company.com DirectoryIndex index.php index.html DocumentRoot "/var/www/localhost/htdocs/host-company-com" ServerAlias host.company.com *.host.company.com ErrorLog /var/log/apache2/vhosts/error_log CustomLog /var/log/apache2/vhosts/access_log common <Directory "/var/www/localhost/htdocs/host-company-com"> SSLRequireSSL Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> </VirtualHost> Now my problem is that if I connect to 
http://host.company.com works
(the content from /var/www/localhost/htdocs/host-company-com is 
shown),


but if I connect to https://host.company.com it doesn't work

correctly


and the content from /var/www/localhost/htdocs/ (default

DocumentRoot)


is shown.
Why? I want to have ssl support for my vhost 
"host.company.com" but
apache forwards to the wrong DocumentRoot. Does anyone have an idea, what the problem is? Thank you and best regards, pat 
---------------------------------------------------------------------

The official User-To-User support forum of the Apache HTTP Server

Project.


See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx 
Did you setup a VirtualHost for port 443?

<VirtualHost *:443>

ServerName host.company.com

DirectoryIndex index.php index.html

DocumentRoot "/var/www/localhost/htdocs/host-company-com"

ServerAlias host.company.com *.host.company.com

ErrorLog /var/log/apache2/vhosts/error_log

CustomLog /var/log/apache2/vhosts/access_log common

<Directory "/var/www/localhost/htdocs/host-company-com">

SSLRequireSSL

Options Indexes FollowSymLinks

AllowOverride None

Order allow,deny

Allow from all

</Directory>

</VirtualHost>

HTTP and HTTPS use 2 different ports.

--

PingBad,

IRC Fanatic
CONFIDENTIALITY NOTICE: This electronic mail message and
any attachment hereto may contain confidential information of Meyer Sound Laboratories, Incorporated and is intended for the personal and confidential use of the designated recipient(s) only. If you are not the intended recipient (or responsible for delivering the message to the intended recipient), you have received this message in error and any review, distribution, or copying of this message or any attachment hereto is prohibited. If you have received this message in error, please promptly notify the sender and permanently delete it from your computer. 
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP 
Server Project.

See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


--
Patrick Grieshaber
http://www.ng-lab.org
sysspoof@xxxxxxxxxx
pgr@xxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project. 
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. The sender's company reserves the right to monitor all e-mail communications through their networks. 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx





--
Patrick Grieshaber
http://www.ng-lab.org
sysspoof@xxxxxxxxxx
pgr@xxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux