Re: SSL Redirect

On Wed, Apr 8, 2009 at 9:04 AM, Stephen Goldschmidt
<sgoldschmidt@xxxxxxxxxxxx> wrote:
> Hello
>
> I am using apache and have a Virtualhost enabled with ssl and this works
> great, using a godaddy ssl cert.
>
> my question is the certificate is only assigned to one domain name.
> www.domain.com
>
> so in my browser if i go to www.domain.com or domain.com the ssl certificate
> works with no problems.
>
> i am having an issue with having www.domain.org and www.domain.net redirect
> to www.domain.com over port 443. Since apache does not support NamedVirtual
> Hosts over port 443 how can i create a virtual host using the name and alias
> of www.domain.net and www.domain.org using port 443 and redirect to vhost
> www.domain.com?
>
> if i try to add a second vhost using the same ip and port apache does not
> like it but i don't want to use another routeable ip to get this to work.
>
> i want is for domain x to have the signed cert and have domain y and z
> redirect on the apache side to domain x. domain y and z will not have
> separate content
>
> my problem is when i create another <virtualhost 192.168.100.25:443> for
> domain y and z, since domain x already has <virtualhost 192.168.100.25:443>
> upon restart of apache i get an error stating that domain 192.168.100.25:443
> already is assigned, and that i should try the <named virtual host *:443>
> directive. but since apache does not support <named virtual host> over ssl
> port 443 i don't know how to set up domain y and z to redirect to domain x.
>
> can i add the redirect of y and z domain inside of the <virtualhost> for x
> domain? i tried it by adding redirect / https://domain.com/ and the site
> just sits in a loop and does not open. am i missing something or does this
> redirect have to be tagged other way first?
>
> Can this be done? or can i add these redirect in the original ssl enabled
> vhost?
>
> or has anyone had success with mod_gnutls? if so how do you set this up with
> ubuntu 8.10?
>
> Thanks
[clip]

Stephen,

To clarify, Apache does /not/ prohibit name based virtual hosting on
any particular port. The issue is that when an SSL connection comes in
(on any port, but the default is 443), it is inherently encrypted so
Apache cannot look inside the HTTP request to see what the value of
the Host header is, which is how it does name-based vhosting.

However, that really only affects what vhost is used to handle the
ssl. Once the SSL is decrypted, Apache will re-attempt to figure out
the correct vhost, which can be done using the Host header for
name-based vhosting.

But that doesn't really address your problem. I think your best
solution is to include your other domains as ServerAliases inside your
main SSL vhost, and then use a RewriteCond to redirect requests that
match those hosts. Something like:

#### Apache config file snippet #####

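#Address must match the <virtualhost> address below
NameVirtualHost 192.168.100.25:443

#Domain X, Y, and Z all in one
<virtualhost 192.168.100.25:443>

  ###Set up SSL stuff here...

  ServerName X
  #Let this vhost be used for name-based vhosting of Y and Z as well.
  #(Comments go on their own lines; Apache does not allow them after a directive.)
  ServerAlias Y Z

  RewriteEngine on
  #Only apply following rewrite rule for domain Y...
  RewriteCond %{HTTP_HOST}  ^Y/*  [OR]
  #... or domain Z (no [OR] on the last condition, otherwise the rule
  #also fires for X and the redirect loops)
  RewriteCond %{HTTP_HOST}  ^Z/*
  RewriteRule ^/(.*)$ https://X:443/$1 [R=301]

</virtualhost>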

I think that should accomplish what you're looking for.

Hope that helps,
-Brian


-- 
Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from: http://pgp.mit.edu/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
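
Added example (not part of the original message, and not Apache's own code): a simplified Python model of how a RewriteCond chain on the Host header decides which requests are redirected, showing why an unconditional redirect inside the only :443 vhost loops and why the last condition must not carry [OR]. The hostnames are the question's placeholders; `conds_pass` and `follow` are hypothetical helper names.

```python
import re

# Simplified model (an assumption, not Apache source) of a RewriteCond chain
# tested against the Host header. Hostnames are the question's placeholders.
CANONICAL = "www.domain.com"

def conds_pass(conds, host):
    """conds is a list of (regex, has_or_flag) pairs, in file order.
    Without [OR] a failed condition vetoes the rule. With [OR] a failure
    defers to the next condition and a success skips the rest of the group."""
    i = 0
    while i < len(conds):
        pattern, has_or = conds[i]
        ok = re.search(pattern, host) is not None
        if has_or and ok:
            while i < len(conds) and conds[i][1]:
                i += 1          # skip the remaining OR alternatives
        elif not has_or and not ok:
            return False
        i += 1
    # Falling off the end means the rule fires; a chain whose last condition
    # carries [OR] ends up here even when nothing matched.
    return True

def follow(host, conds, max_hops=5):
    """Follow 301s to CANONICAL; return ('served', hops) or ('loop', hops)."""
    hops = 0
    while conds_pass(conds, host):
        hops += 1
        if hops >= max_hops:
            return ("loop", hops)
        host = CANONICAL
    return ("served", hops)

UNCONDITIONAL = []  # like a bare redirect inside the only :443 vhost
TRAILING_OR = [(r"^www\.domain\.org$", True), (r"^www\.domain\.net$", True)]
HOST_GATED = [(r"^www\.domain\.org$", True), (r"^www\.domain\.net$", False)]

if __name__ == "__main__":
    for name, conds in [("unconditional", UNCONDITIONAL),
                        ("trailing [OR]", TRAILING_OR),
                        ("host-gated", HOST_GATED)]:
        for host in ("www.domain.org", "www.domain.net", CANONICAL):
            print(f"{name:14} {host:16} -> {follow(host, conds)}")
```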

