'Re: [apache-ssl] Multiple Virtual Hosts on Different Ports'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-ssl
Subject:    Re: [apache-ssl] Multiple Virtual Hosts on Different Ports
From:       cyberscreen internet services <peter () cyberscreen ! com>
Date:       2005-05-05 8:18:07
Message-ID: 6.0.0.22.0.20050505090446.031e20e0 () imap ! cyberscreen ! com
[Download RAW message or body]

At 02:48 05/05/2005, you wrote:
>The reason for the redirects is so that each request
>for any page on the VHosts is served securely, i.e.,
>no unsecure transactions beside the initial 302 are
>allowed.


At the risk of sounding stupid, then if all you want to do is serve 
requests from  vh1.loc and vh2.loc as secure, then why don't you forget all 
about the Rewriting business and just access the hosts as 
https://vh1.loc:714 and https://vh2.loc:715??

OK, you only have one IP address, but as long as you specify different port 
no's for each host and make sure your Apache has a Listen directive for 
each of these ports (so it knows to listen on them:-) I don't see there is 
a problem. I really don't understand why you need to Rewrite.

So I would write the conf like this:

Main server conf:

SSLDisable
Listen 80
Listen 443
Listen 714
Listen 715
NameVirtualHost 10.0.0.2:80 (assuming you WANT to serve non-secure http 
pages - if not, don't listen on this port!)
NameVirtualHost 10.0.0.2:443 (assuming you WANT to have the default https 
port available)
NameVirtualHost 10.0.0.2:714
NameVirtualHost 10.0.0.2:715

then for the Virt Host section:

for the secure sites:

<VirtualHost 10.0.0.2:714>
   ServerName vh1.loc
   DocumentRoot /var/www/vh1
   SSLEnable
   SSLCertificateFile etc/apache-ssl/certs/vh1.cert.cert
   SSLCertificateKeyFile /etc/apache-ssl/certs/vh1.cert.key
</VirtualHost>

<VirtualHost 10.0.0.2:715>
   ServerName vh2.loc
   DocumentRoot /var/www/vh2
   SSLEnable
   SSLCertificateFile etc/apache-ssl/certs/vh2.cert.cert
   SSLCertificateKeyFile /etc/apache-ssl/certs/vh2.cert.key
</VirtualHost>

of course, if
As regards the localhosts - well to be honest I've only ever configured 
Apache for production internet-facing webservers with fully functioning 
DNS, so I don't know for sure.
But I would expect you to have to make duplicate entries but substituting 
127.0.0.1 for 10.0.0.2 throughout.


If of course I have completely missed the point of what you are trying to 
do, please ignore all of the above!

Regards

Peter Rose


Cyberscreen Internet Services.
25, Oak Hill,
Woodford Green,
Essex IG8 9NS
UK

Tel/Fax: +44 (0)208 504 6316
Mobile: +44 (0)7771 987452
www.cyberscreen.com 


-----------------------------------------------------------------------------------
to unsubscribe, send a blank email to: apache-ssl-unsubscribe@lists.aldigital.co.uk

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic