Re: Options for multiple SSL domains on 1 server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 04.10.2010 21:00, Igor GaliÄ wrote:


----- "Grant"<emailgrant@xxxxxxxxx>  wrote:


The "virtualhost for each SSL host" is what I mean by separate
apache2
configs.  I'd like to be able to define different domain names on

the

fly within my perl scripts without changing apache2 config.  Maybe
we're just not there yet?


You can also use things like mod_macro to enable that kind of

flexibility.

I looked at mod_macro but it seems to essentially be a framework for
setting and reading variable values within the apache2 config files.
What I'd like to do is allow new SSL domains to be defined from the
web in an automatic fashion without the need for SSH access.  At this
point I'm thinking something that generates a new vhost config file
for each domain name would be perfect.  It could use a template for
each file and just change the IP address and SSL certificate/key
references.  Does something like this exist?


Aaaha...

An (SSL) VHost is just a couple of lines.. depending on your setup
either the IP/Cert/ServerName (IP Based) or only the ServerName
(SubjectAltName)

One way or the other, you can define a pattern:

<Macro SSLVhost $servername $ip>

     <VirtualHost $ip:443>
         ServerName $servername
         DocumentRoot /srv/web/$servername/htdocs
         SSLEngine On
         SSLCertificateChainFile /etc/pki/ssl/$servername.pem
         ErrorLog /var/log/httpd/$servername/error_log
     </VirtualHost>

</Macro>

, and then

Use SSLVhost servername IP

In some or the other file. That's one line you have to add -- and then you do an
apachectl graceful.
I vaguely remember some kind of limitation concerning mod_macro and VirtualHost. I think you can define the contents of the VirtualHost container by a macro, but not the container itself, so e.g. 

<Macro SSLVhost $servername>
         ServerName $servername
         DocumentRoot /srv/web/$servername/htdocs
         SSLEngine On
         SSLCertificateChainFile /etc/pki/ssl/$servername.pem
         ErrorLog /var/log/httpd/$servername/error_log
</Macro>

and then

<VirtualHost IP1:443>
  SSLVHost name1
</VirtualHost>

<VirtualHost IP2:443>
  SSLVHost name2
</VirtualHost>

...

I could be wrong though.

Regards,

Rainer


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux