Re: NameVirtualHost Directive - - - - Multiple SSL virtual hosts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Duane,

Thanks for responding to my post.  The error message I get from using the NameVirgualHost command is:

[Sat Jun 05 15:38:49 2010] [warn] NameVirtualHost 192.168.0.93:80 has no VirtualHosts

Here is a copy and paste right out of my httpd.conf

Listen 192.168.0.93:80
Listen 192.168.0.200:80

NameVirtualHost 192.168.0.93:80

I had in each virtual host configured with the IP address when I received that error.  When I tried your example using the fqdn in the <VirtualHost fqdn.com> container, I mulitple errors like this:

[Sat Jun 05 15:51:21 2010] [warn] VirtualHost fqdn1.com:80 overlaps with VirtualHost fqdn2.com:80, the first has precedence, perhaps you need a NameVirtualHost directive

This is repeated for every name-based virtual host I have until I added the fqdns to /etc/hosts.  However, I still get the error message about NameVirtualHost 192.168.0.93 has no Virtual Hosts


Concerning your suggestion for the wild card certificate, I see there is a multi-domain certificate offered that seems like just what I need.  I wonder how I configure my SSLCertificateFile and SSLCertificateKeyFile directives.  Do I simply point these directives to the same files within the different ip-based virtual hosts?  Something like this:

<VirtualHost 192.168.0.200:443>
SSLCertificateFile "/files/server.crt"
 SSLCertificateKeyFile "/files/server.key"
</VirtualHost>

<VirtualHost 192.168.0.201:443>
SSLCertificateFile "/files/server.crt"
 SSLCertificateKeyFile "/files/server.key"
</VirtualHost>

<VirtualHost 192.168.0.202:443>
SSLCertificateFile "/files/server.crt"
 SSLCertificateKeyFile "/files/server.key"
</VirtualHost>


-----Original Message-----
From: "Duane Winner" [duane@xxxxxxxxxxxxxxx]
Date: 06/04/2010 03:23 PM
To: users@xxxxxxxxxxxxxxxx
Subject: Re:  NameVirtualHost Directive - - - - Multiple SSL 
	virtual hosts



On Fri, Jun 4, 2010 at 6:10 PM, Jeff Shearer <jeff@xxxxxxxxxxxxxxxxxx> wrote:
I have an Apache 2.2 server sitting on a box with one physical address and multiple virtual addresses.  The physical address servers my name-based virtual hosts where as the virtual addresses server ip-based virtual hosts.   I read about the NameVirtualHost directive and tried to implement it but it seems it does nothing but cause error messages.  I tried to put into the main server config near my listen directives and received an error that there was no virtual host despite the fact that there are more than one virtual host.

I also tried to put it just before each of the virtual host directives and received errors.

Is this directive needed, everything seems to work fine with out it.

What are the error messages?

For your physical address serving your virtual hosts you should have:

Listen your-physical-ip:80
Listen your-physical-ip:443
NameVirtualHost your-physical-ip7:80
NameVirtualHost your physical-ip:443
...


Then for each virtual host served by physical IP, all you need is:

<VirtualHost virtual.host.fqdn:80>
  ServerName virtual.host.fqdn
   ...
</VirtualHost>


<VirtualHost virtual.host.fqdn:443>
  ServerName virtual.host.fqdn
   ...
</VirtualHost>


Also, for each virtual host, youll need an entry in /etc/hosts:

your-physical-ip     virtual.host.fqdn1
your-physical-ip     virtual.host.fqdn2
etc.


 
In a related matter.  I am having trouble implementing a second https server one of virtual ip addresses.  Both domains have permanent redirects to the https port.  However, the second ssl server does not even show up when I conduct a port scan on its ip address.  Yet both have the same SSL configuration elements.  I have compared the two configurations and I see absolutely no difference except of course the SSL certificate and server key targets.

When I disable the permanent redirect, I have not trouble getting to the domain on port 80.   
Is it  possible to run 2 https servers using different virtual addresses on the same physical server?

Yes -- its not recommended by apache, but its done.

The clients will either get warnings about the certificate being invalid, or you can get a wildcard certificate if all your virtual ssl hosts use the same domain name (box1.mydomain.com, box2.mydomain,com, box3.mydomain.com, etc.). Apache still doesnt like this and will spit warnings, but it works.





 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux