[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-ssl
Subject: Re: [apache-ssl] Multiple Virtual Hosts on Different Ports
From: cyberscreen internet services <peter () cyberscreen ! com>
Date: 2005-05-05 8:18:07
Message-ID: 6.0.0.22.0.20050505090446.031e20e0 () imap ! cyberscreen ! com
[Download RAW message or body]
At 02:48 05/05/2005, you wrote:
>The reason for the redirects is so that each request
>for any page on the VHosts is served securely, i.e.,
>no unsecure transactions beside the initial 302 are
>allowed.
At the risk of sounding stupid, then if all you want to do is serve
requests from vh1.loc and vh2.loc as secure, then why don't you forget all
about the Rewriting business and just access the hosts as
https://vh1.loc:714 and https://vh2.loc:715??
OK, you only have one IP address, but as long as you specify different port
no's for each host and make sure your Apache has a Listen directive for
each of these ports (so it knows to listen on them:-) I don't see there is
a problem. I really don't understand why you need to Rewrite.
So I would write the conf like this:
Main server conf:
SSLDisable
Listen 80
Listen 443
Listen 714
Listen 715
NameVirtualHost 10.0.0.2:80 (assuming you WANT to serve non-secure http
pages - if not, don't listen on this port!)
NameVirtualHost 10.0.0.2:443 (assuming you WANT to have the default https
port available)
NameVirtualHost 10.0.0.2:714
NameVirtualHost 10.0.0.2:715
then for the Virt Host section:
for the secure sites:
<VirtualHost 10.0.0.2:714>
ServerName vh1.loc
DocumentRoot /var/www/vh1
SSLEnable
SSLCertificateFile etc/apache-ssl/certs/vh1.cert.cert
SSLCertificateKeyFile /etc/apache-ssl/certs/vh1.cert.key
</VirtualHost>
<VirtualHost 10.0.0.2:715>
ServerName vh2.loc
DocumentRoot /var/www/vh2
SSLEnable
SSLCertificateFile etc/apache-ssl/certs/vh2.cert.cert
SSLCertificateKeyFile /etc/apache-ssl/certs/vh2.cert.key
</VirtualHost>
of course, if
As regards the localhosts - well to be honest I've only ever configured
Apache for production internet-facing webservers with fully functioning
DNS, so I don't know for sure.
But I would expect you to have to make duplicate entries but substituting
127.0.0.1 for 10.0.0.2 throughout.
If of course I have completely missed the point of what you are trying to
do, please ignore all of the above!
Regards
Peter Rose
Cyberscreen Internet Services.
25, Oak Hill,
Woodford Green,
Essex IG8 9NS
UK
Tel/Fax: +44 (0)208 504 6316
Mobile: +44 (0)7771 987452
www.cyberscreen.com
-----------------------------------------------------------------------------------
to unsubscribe, send a blank email to: apache-ssl-unsubscribe@lists.aldigital.co.uk
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic