Re: Options for multiple SSL domains on 1 server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

----- "Rainer Jung" <rainer.jung@xxxxxxxxxxx> wrote:

> On 04.10.2010 21:00, Igor GaliÄ wrote:
> >
> > ----- "Grant"<emailgrant@xxxxxxxxx>  wrote:
> >
> >>>> The "virtualhost for each SSL host" is what I mean by separate
> >>>> apache2
> >>>> configs.  I'd like to be able to define different domain names
> on
> >> the
> >>>> fly within my perl scripts without changing apache2 config. 
> Maybe
> >>>> we're just not there yet?
> >>>
> >>> You can also use things like mod_macro to enable that kind of
> >> flexibility.
> >>
> >> I looked at mod_macro but it seems to essentially be a framework
> for
> >> setting and reading variable values within the apache2 config
> files.
> >> What I'd like to do is allow new SSL domains to be defined from
> the
> >> web in an automatic fashion without the need for SSH access.  At
> this
> >> point I'm thinking something that generates a new vhost config
> file
> >> for each domain name would be perfect.  It could use a template
> for
> >> each file and just change the IP address and SSL certificate/key
> >> references.  Does something like this exist?
> >
> > Aaaha...
> >
> > An (SSL) VHost is just a couple of lines.. depending on your setup
> > either the IP/Cert/ServerName (IP Based) or only the ServerName
> > (SubjectAltName)
> >
> > One way or the other, you can define a pattern:
> >
> > <Macro SSLVhost $servername $ip>
> >
> >      <VirtualHost $ip:443>
> >          ServerName $servername
> >          DocumentRoot /srv/web/$servername/htdocs
> >          SSLEngine On
> >          SSLCertificateChainFile /etc/pki/ssl/$servername.pem
> >          ErrorLog /var/log/httpd/$servername/error_log
> >      </VirtualHost>
> >
> > </Macro>
> >
> > , and then
> >
> > Use SSLVhost servername IP
> >
> > In some or the other file. That's one line you have to add -- and
> then you do an
> > apachectl graceful.
> 
> I vaguely remember some kind of limitation concerning mod_macro and 
> VirtualHost. I think you can define the contents of the VirtualHost 
> container by a macro, but not the container itself, so e.g.
> 
> <Macro SSLVhost $servername>
>           ServerName $servername
>           DocumentRoot /srv/web/$servername/htdocs
>           SSLEngine On
>           SSLCertificateChainFile /etc/pki/ssl/$servername.pem
>           ErrorLog /var/log/httpd/$servername/error_log
> </Macro>
> 
> and then
> 
> <VirtualHost IP1:443>
>    SSLVHost name1
> </VirtualHost>
> 
> <VirtualHost IP2:443>
>    SSLVHost name2
> </VirtualHost>
> 
> ...
> 
> I could be wrong though.


i.galic@pheme ~ % bw_apachectl.sh vhosts esotericsystems.at
/bin/sh: Illegal option -p
/bin/sh: Illegal option -p
[Mon Oct 04 20:00:18 2010] [warn] module dir_module is already loaded, skipping
VirtualHost configuration:
127.0.0.1:8001         is a NameVirtualHost
         default server www.esotericsystems.at (macro 'StaticWWWVHostAlias' (defined on line 49 of /etc/bw/apache/extra/macro.conf) used on line 17 of /etc/bw/apache/vhosts/esotericsystems.at/httpd.conf:1)
         port 8001 namevhost www.esotericsystems.at (macro 'StaticWWWVHostAlias' (defined on line 49 of /etc/bw/apache/extra/macro.conf) used on line 17 of /etc/bw/apache/vhosts/esotericsystems.at/httpd.conf:1)
         port 8001 namevhost blag.esotericsystems.at (/etc/bw/apache/vhosts/esotericsystems.at/httpd.conf:19)
         port 8001 namevhost pheme.esotericsystems.at (/etc/bw/apache/vhosts/esotericsystems.at/pheme.conf:2)
         port 8001 namevhost customers.esotericsystems.at (/etc/bw/apache/vhosts/esotericsystems.at/customers.conf:2)
         port 8001 namevhost bombground.esotericsystems.at (macro 'PHPVHost' (defined on line 65 of /etc/bw/apache/extra/macro.conf) used on line 46 of /etc/bw/apache/vhosts/esotericsystems.at/httpd.conf:1)
         port 8001 namevhost halas.esotericsystems.at (macro 'PHPVHost' (defined on line 65 of /etc/bw/apache/extra/macro.conf) used on line 47 of /etc/bw/apache/vhosts/esotericsystems.at/httpd.conf:1)
Syntax OK
i.galic@pheme ~ %


With /etc/bw/apache/extra/macro.conf -- see attachment.



> 
> Regards,
> 
> Rainer

bye

-- 
Igor GaliÄ

Tel: +43 (0) 664 886 22 883
Mail: i.galic@xxxxxxxxxxxxxx
URL: http://brainsware.org/

Attachment: macro.conf
Description: Binary data

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux