Re: httpd2 vhost & ssl configuration problem


 





pat wrote:


PingBad wrote:

On Wednesday 20 February 2008 00:10, pat wrote:

> Hello
>
> I have a problem with the apache2 configuration if I want to combine
> vhost and ssl settings.
> My apache opts: APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D LANGUAGE -D
> SSL -D SSL_DEFAULT_VHOST -D PHP5 -D PERL -D PYTHON -D SUEXEC"
>
> This is my vhost config:
> <IfDefine SSL_DEFAULT_VHOST>
> <IfModule ssl_module>
> <VirtualHost *:80>
>
> ServerName host.company.com
>
> DirectoryIndex index.php index.html
> DocumentRoot "/var/www/localhost/htdocs/host-company-com"
> ServerAlias host.company.com *.host.company.com
> ErrorLog /var/log/apache2/vhosts/error_log
> CustomLog /var/log/apache2/vhosts/access_log common
>
> <Directory "/var/www/localhost/htdocs/host-company-com">
> SSLRequireSSL
> Options Indexes FollowSymLinks
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
> </VirtualHost>
>
> Now my problem is that if I connect to http://host.company.com it works
> (the content from /var/www/localhost/htdocs/host-company-com is shown),
> but if I connect to https://host.company.com it doesn't work correctly
> and the content from /var/www/localhost/htdocs/ (default DocumentRoot)
> is shown.
> Why? I want to have ssl support for my vhost "host.company.com" but
> apache forwards to the wrong DocumentRoot.
> Does anyone have an idea, what the problem is?
>
> Thank you and best regards,
> pat
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

Did you setup a VirtualHost for port 443?

<VirtualHost *:443>
ServerName host.company.com
DirectoryIndex index.php index.html
DocumentRoot "/var/www/localhost/htdocs/host-company-com"
ServerAlias host.company.com *.host.company.com
ErrorLog /var/log/apache2/vhosts/error_log
CustomLog /var/log/apache2/vhosts/access_log common
<Directory "/var/www/localhost/htdocs/host-company-com">
SSLRequireSSL
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
</VirtualHost>

HTTP and HTTPS use 2 different ports.

--
PingBad,
IRC Fanatic


Hi PingBad

Yes, there is the "default_ssl_vhost" configured for that:
Listen 443

<VirtualHost _default_:443>
       ServerName company.com
       Include /etc/apache2/vhosts.d/default_vhost.include
       ErrorLog /var/log/apache2/ssl_error_log
...
</VirtualHost>


But I followed your advice anyway and changed the port in the current discussed config to 443. Here's the output:
/etc/init.d/apache2 reload
* Gracefully restarting apache2 ...
apache2: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[Wed Feb 20 02:48:02 2008] [warn] _default_ VirtualHost overlap on port 443, the first has precedence
[ ok ]

Now it has a different behavior: If I now connect to http:80 or https:443, it always shows me the content of the default DocumentRoot /var/www/localhost/htdocs/ instead of /var/www/localhost/htdocs/host-company-com.

A bit late in replying and not sure if you have solved your issues. Here is the way I set up my server. This works for me, also make sure you emerge apache with SNI support if you want to have different SSL certificates.

Gentoo, apache 2.2.8

# vim /etc/conf.d/apache2

APACHE2_OPTS="-D DEFAULT_VHOST -D SSL -D SSL_DEFAULT_VHOST -D PROXY ..."


# vim /etc/apache2/vhosts.d/00_default_vhost.conf

...

Listen 80
NameVirtualHost *:80

<VirtualHost _default_:80>
        ServerName localhost
        Include /etc/apache2/vhosts.d/default_vhost.include

        <IfModule mpm_peruser_module>
                ServerEnvironment apache apache
        </IfModule>
</VirtualHost>

...


# vim /etc/apache2/vhosts.d/00_default_ssl_vhost.conf

Listen 443
NameVirtualHost *:443

<VirtualHost *:443>
        ServerName localhost
        Include /etc/apache2/vhosts.d/default_vhost.include
...
        SSLCertificateFile /etc/apache2/ssl/server_cert.pem
        SSLCertificateKeyFile /etc/apache2/ssl/server_privatekey.pem
        SSLCACertificateFile /etc/apache2/ssl/ca-bundle.crt

...
</VirtualHost>


<VirtualHost *:443>

     SSLEngine on
     SSLCipherSuite AL
     SSLCertificateFile /etc/apache2/ssl/domain2.crt
     SSLCertificateKeyFile /etc/apache2/ssl/domain2.key
     SSLCertificateChainFile /etc/apache2/ssl/domain2.ca-bundle

     ServerName domain2:443
...

</VirtualHost>

etc...


#Here we configure domain2 to redirect to https when accessed.

# vim /etc/apache2/vhosts.d/domain2.conf

<VirtualHost *:80>
    ServerName domain2
    DocumentRoot "/var/www/domain2/htdocs/"
    RewriteEngine on
    RewriteCond %{SERVER_PORT} !^443$
    RewriteRule ^/cgi-bin/git.cgi https://%{SERVER_NAME}/cgi-bin/git.cgi$1 [L,R]
    <Directory "/var/www/domain2/htdocs">
        Options Indexes FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from xxx.xxx.xxx.xxx
    </Directory>
</VirtualHost>



Hope this helps

--
Norman

%>>> "".join( [ {'*':'@','^':'.'}.get(c,None) or chr(97+(ord(c)-83)%26) for c in ",adym,*)&uzq^zqf" ] )
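
Added example, not part of any poster's message: a simplified model of the Apache 2.2 vhost selection discussed in this thread, showing why the overlapping port-443 vhosts serve the default DocumentRoot and what NameVirtualHost *:443 changes. The two configs are constructed from the thread; the inline DocumentRoot in the first vhost is an assumption standing in for the Include line, and SNI/certificate selection is not modelled.

```python
import fnmatch
import re

def parse_vhosts(conf):
    """Collect NameVirtualHost addresses and <VirtualHost> blocks, in file order."""
    name_addrs, vhosts, cur = set(), [], None
    for raw in conf.splitlines():
        line = raw.strip()
        opened = re.match(r"<VirtualHost\s+([^>\s]+)>", line, re.I)
        if opened:
            cur = {"addr": opened.group(1), "names": [], "docroot": None}
        elif line.lower() == "</virtualhost>" and cur:
            vhosts.append(cur)
            cur = None
        elif line.lower().startswith("namevirtualhost "):
            name_addrs.add(line.split()[1])
        elif cur is not None and len(line.split()) >= 2:
            key, *args = line.split()
            if key.lower() in ("servername", "serveralias"):
                cur["names"] += [a.split(":")[0].lower() for a in args]
            elif key.lower() == "documentroot":
                cur["docroot"] = args[0].strip('"')
    return name_addrs, vhosts

def resolve(conf, port, host):
    """Pick the vhost for a request: name match if name-based, else first on the port."""
    name_addrs, vhosts = parse_vhosts(conf)
    on_port = [v for v in vhosts if v["addr"].endswith(":%d" % port)]
    named = [v for v in on_port if v["addr"] in name_addrs]
    for v in named:
        if any(fnmatch.fnmatchcase(host.lower(), n) for n in v["names"]):
            return v
    # No name match (or no NameVirtualHost for this address): first listed wins.
    return (named or on_port or [None])[0]

# Constructed configs; DocumentRoot stands in for the default_vhost.include line.
OVERLAP = """
Listen 443
<VirtualHost _default_:443>
    ServerName company.com
    DocumentRoot "/var/www/localhost/htdocs"
</VirtualHost>
<VirtualHost *:443>
    ServerName host.company.com
    ServerAlias *.host.company.com
    DocumentRoot "/var/www/localhost/htdocs/host-company-com"
</VirtualHost>
"""
NAME_BASED = OVERLAP.replace("Listen 443", "Listen 443\nNameVirtualHost *:443") \
                    .replace("_default_:443", "*:443")
```

On a live server, `apache2 -S` (or `apache2ctl -S`) prints the parsed vhost table, which is the authoritative check of which block is the default for each port.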

