You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by joe pond <di...@hotmail.com> on 2006/10/19 14:58:43 UTC
[users@httpd] multiple vhosts on port 80 and port 443
I noticed on 10/19/2006 several postings about this. I may have included too
much stuff but some folks may need the info.
The following configuration setup enables me to have multiple vhost on port
80 and multiple vhosts on port 443 and I can require login/password or not
for eithe port 80 or port 443.
The non-matching server name on the 2nd 443 host would seem to be
resolveable by creating another certificate with that servers name in it but
I have not tried that yet.
HTH
digger920
Apache2.2.X, SSL, Vhosts
I use include files to make troubleshooting a bit easier.
This is a WAMP server BTW.
In httpd.conf
Listen 192.168.10.4:80
Listen 192.168.10.4:443
LoadModule ssl_module modules/mod_ssl.so
# Virtual hosts
Include conf/extra/httpd-vhosts.conf
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLMutex default
SSLSessionCache none
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
========================
In httpd-vhosts.conf
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin whoever@where-ever
ServerName juneau
DocumentRoot "C:/Server/Apache2.2/htdocs"
#ErrorLog logs/dummy-host.example.com-error_log
#CustomLog logs/dummy-host.example.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin whoever@where-ever
ServerName ASite
#ServerAlias Test1
DocumentRoot "C:/Server/Apache2.2/htdocs/www/A-Site"
#ErrorLog logs/dummy-host2.example.com-error_log
#CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>
<VirtualHost *:80>
ServerAdmin whoever@where-ever
ServerName secure
DocumentRoot "C:/Locked"
<Directory /Locked>
AuthType Basic
AuthName "Locked Test"
AuthUserFile C:/Server/Apache2.2/htdocs/passwords/pwrd
Require user testuser
Order allow,deny
Allow from all
</Directory>
#ErrorLog logs/dummy-host2.example.com-error_log
#CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>
==================================
In httpd-ssl.conf
NameVirtualHost *:443
## SSL Global Context
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLSessionCache shmcb:c:/server/apache2.2/logs/ssl_scache(512000)
SSLSessionCacheTimeout 300
## SSL Virtual Host Context
<VirtualHost *:443>
# General setup for the virtual host
ServerName juneau
ServerAdmin whoever@where-ever
DocumentRoot "c:/SecureToo/"
<Directory /SecureToo>
Order allow,deny
Allow from all
</Directory>
ErrorLog c:/server/apache2.2/logs/vhost_SSL_error_log.log
TransferLog c:/server/apache2.2/logs/vhost_SSL_access_log.log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile c:/server/apache2.2/conf/ssl/juneau.crt
SSLCertificateKeyFile c:/server/apache2.2/conf/ssl/juneau.key
SSLCertificateChainFile c:/server/apache2.2/conf/ssl/juneau.crt
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory "c:/server/apache2.2/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog c:/server/apache2.2/logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost *:443>
ServerAdmin whoever@when-ever
ServerName secure
DocumentRoot "C:/Locked/"
<Directory /Locked>
AuthType Basic
AuthName "Locked Test"
AuthUserFile C:/Server/Apache2.2/htdocs/passwords/pwrd
Require user jpond
Order allow,deny
Allow from all
</Directory>
#ErrorLog logs/dummy-host2.example.com-error_log
#CustomLog logs/dummy-host2.example.com-access_log common
</VirtualHost>
_________________________________________________________________
Add a Yahoo! contact to Windows Live Messenger for a chance to win a free
trip!
http://www.imagine-windowslive.com/minisites/yahoo/default.aspx?locale=en-us&hmtagline
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] multiple vhosts on port 80 and port 443
Posted by masro <ma...@llbc.de>.
Hi,
let us know if the second HTTPS Vhost works with second certificate, i
think it is not possible to have a second namebased HTTPS vhost, because
the SSL handshake is done before Apache recieves the GET request and the
host header.
regards
joe pond schrieb:
> I noticed on 10/19/2006 several postings about this. I may have
> included too much stuff but some folks may need the info.
>
> The following configuration setup enables me to have multiple vhost on
> port 80 and multiple vhosts on port 443 and I can require
> login/password or not for eithe port 80 or port 443.
>
> The non-matching server name on the 2nd 443 host would seem to be
> resolveable by creating another certificate with that servers name in
> it but I have not tried that yet.
>
> HTH
>
> digger920
>
>
> Apache2.2.X, SSL, Vhosts
>
> I use include files to make troubleshooting a bit easier.
> This is a WAMP server BTW.
>
> In httpd.conf
>
> Listen 192.168.10.4:80
> Listen 192.168.10.4:443
>
> LoadModule ssl_module modules/mod_ssl.so
>
>
>
> # Virtual hosts
> Include conf/extra/httpd-vhosts.conf
>
> # Secure (SSL/TLS) connections
> Include conf/extra/httpd-ssl.conf
>
> <IfModule ssl_module>
> SSLMutex default
> SSLSessionCache none
> SSLRandomSeed startup builtin
> SSLRandomSeed connect builtin
> </IfModule>
>
> ========================
>
> In httpd-vhosts.conf
>
> NameVirtualHost *:80
>
> <VirtualHost *:80>
> ServerAdmin whoever@where-ever
> ServerName juneau
> DocumentRoot "C:/Server/Apache2.2/htdocs"
>
> #ErrorLog logs/dummy-host.example.com-error_log
> #CustomLog logs/dummy-host.example.com-access_log common
> </VirtualHost>
>
> <VirtualHost *:80>
> ServerAdmin whoever@where-ever
> ServerName ASite
> #ServerAlias Test1
> DocumentRoot "C:/Server/Apache2.2/htdocs/www/A-Site"
>
> #ErrorLog logs/dummy-host2.example.com-error_log
> #CustomLog logs/dummy-host2.example.com-access_log common
> </VirtualHost>
>
> <VirtualHost *:80>
> ServerAdmin whoever@where-ever
> ServerName secure
> DocumentRoot "C:/Locked"
> <Directory /Locked>
> AuthType Basic
> AuthName "Locked Test"
> AuthUserFile C:/Server/Apache2.2/htdocs/passwords/pwrd
> Require user testuser
> Order allow,deny
> Allow from all
> </Directory>
> #ErrorLog logs/dummy-host2.example.com-error_log
> #CustomLog logs/dummy-host2.example.com-access_log common
> </VirtualHost>
>
> ==================================
>
> In httpd-ssl.conf
>
> NameVirtualHost *:443
>
> ## SSL Global Context
>
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl .crl
>
> SSLSessionCache shmcb:c:/server/apache2.2/logs/ssl_scache(512000)
> SSLSessionCacheTimeout 300
>
> ## SSL Virtual Host Context
>
> <VirtualHost *:443>
>
> # General setup for the virtual host
> ServerName juneau
> ServerAdmin whoever@where-ever
> DocumentRoot "c:/SecureToo/"
>
> <Directory /SecureToo>
> Order allow,deny
> Allow from all
> </Directory>
>
>
> ErrorLog c:/server/apache2.2/logs/vhost_SSL_error_log.log
> TransferLog c:/server/apache2.2/logs/vhost_SSL_access_log.log
>
>
> # SSL Engine Switch:
> # Enable/Disable SSL for this virtual host.
> SSLEngine on
>
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>
> SSLCertificateFile c:/server/apache2.2/conf/ssl/juneau.crt
>
> SSLCertificateKeyFile c:/server/apache2.2/conf/ssl/juneau.key
>
> SSLCertificateChainFile c:/server/apache2.2/conf/ssl/juneau.crt
>
> <FilesMatch "\.(cgi|shtml|phtml|php)$">
> SSLOptions +StdEnvVars
> </FilesMatch>
> <Directory "c:/server/apache2.2/cgi-bin">
> SSLOptions +StdEnvVars
> </Directory>
>
> BrowserMatch ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
>
> CustomLog c:/server/apache2.2/logs/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
> </VirtualHost>
>
> <VirtualHost *:443>
> ServerAdmin whoever@when-ever
> ServerName secure
> DocumentRoot "C:/Locked/"
> <Directory /Locked>
> AuthType Basic
> AuthName "Locked Test"
> AuthUserFile C:/Server/Apache2.2/htdocs/passwords/pwrd
> Require user jpond
> Order allow,deny
> Allow from all
> </Directory>
> #ErrorLog logs/dummy-host2.example.com-error_log
> #CustomLog logs/dummy-host2.example.com-access_log common
> </VirtualHost>
>
> _________________________________________________________________
> Add a Yahoo! contact to Windows Live Messenger for a chance to win a
> free trip!
> http://www.imagine-windowslive.com/minisites/yahoo/default.aspx?locale=en-us&hmtagline
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org