[clue-tech] apache2 ssl with virtual hosts
Mike Staver
staver at fimble.com
Thu Mar 16 22:11:14 MST 2006
>> So are you saying that you're able to serve virtual hosts with one IP
>> using SSL with mod_rewrite? I didn't think that was possible since the
>> http header was encrypted and that header is necessary to do virtual
>> hosting. If that's not true I'd *love* to know how you did it since I
>> could save myself a few bucks and get rid of some additional static IPs.
>
> Yeah THAT'S not possible.
> My problem was I set up http and https for domain1.com, but
> https://domain2.com was bringing up the site for https://domain1.com
>
> Why we can't just have SSL layer based on the IP instead of the domain
> name (like SSH does), I don't know.
I think I have done what you're suggesting before - are you simply
trying to use one public IP address for 2 SSL cert based domain names? I
have done that before I think - I could be wrong, I honestly can't
remember how I did it a few years ago, but I may have had 2 IPs pointed
at one box. Would this work?
<VirtualHost *:443>
ServerName domain1.com:443
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain1.com.crt
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain1.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain1.com.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost *:443>
ServerName domain2.com:443
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain2.com.crt
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain2.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain2.com.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
If that didn't work, maybe change the virtualhost lines to:
<VirtualHost domain1.com:443>
<VirtualHost domain2.com:443>
--
-Mike Staver
staver at fimble.com
mstaver at globaltaxnetwork.com
_______________________________________________
CLUE-tech mailing list
CLUE-tech at cluedenver.org
http://cluedenver.org/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list