You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Taylor Dondich <td...@majiknetworks.com> on 2003/12/22 18:53:55 UTC
[users@httpd] UPDATE: Re: [users@httpd] Apache2 w/ SSL and mod_vhost_alias, can
this be done?
Well, I've further looked into the problem, and here's what I can tell.
When I have only 1 ip address on my server, and apache2 running on it,
with Listen 80 in httpd.conf with mod_vhost_alias running, and then
Listen 443 in ssl.conf with a virtualhost definition like this:
<VirtualHost 64.89.232.200:443>
# General setup for the virtual host
DocumentRoot "/virtuals/netnevada.net/secure/public_html"
ServerName secure.netnevada.net:443
ServerAdmin admin@datacomhotel.net
ErrorLog /var/log/httpd-error_log
TransferLog /var/log/httpd-access_log
SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/etc/apache2/ssl.crt/secure.netnevada.net.crt
SSLCertificateKeyFile
/usr/local/etc/apache2/ssl.key/secure.netnevada.net.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
Everything works. But as soon as I put another ip address on the same
network card (same subnet), then change the VirtualHost entry to have
that ip address, I get Invalid Request error when trying to pull up the
ssl site.
Any ideas?
Taylor
Brian Dessent wrote:
>Taylor Dondich wrote:
>
>
>>I'm using Apache2 with it's SSL usage. I am using mod_vhost_alias for
>>dynamic virtual hosts. However, I need to setup virtual hosts with SSL
>>setup.
>>
>>
>
>Name-based virtual hosts and SSL don't mix. It's a fundamental
>limitation. Each SSL vhost must be on a unique ip:port combination.
>
>(I can't tell if that's your problem or not, but when you mention
>virtual hosts and SSL the issue comes to mind.)
>
>Brian
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org