httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Shearer" <j...@shearer-family.org>
Subject Re: [users@httpd] NameVirtualHost Directive - - - - Multiple SSL virtual hosts
Date Sat, 05 Jun 2010 20:08:40 GMT
Duane,

Thanks for responding to my post.  The error message I get from using the NameVirgualHost
command is:

[Sat Jun 05 15:38:49 2010] [warn] NameVirtualHost 192.168.0.93:80 has no VirtualHosts

Here is a copy and paste right out of my httpd.conf

Listen 192.168.0.93:80
Listen 192.168.0.200:80

NameVirtualHost 192.168.0.93:80

I had in each virtual host configured with the IP address when I received that error.  When
I tried your example using the fqdn in the <VirtualHost fqdn.com> container, I mulitple
errors like this:

[Sat Jun 05 15:51:21 2010] [warn] VirtualHost fqdn1.com:80 overlaps with VirtualHost fqdn2.com:80,
the first has precedence, perhaps you need a NameVirtualHost directive

This is repeated for every name-based virtual host I have until I added the fqdns to /etc/hosts.
 However, I still get the error message about NameVirtualHost 192.168.0.93 has no Virtual
Hosts


Concerning your suggestion for the wild card certificate, I see there is a multi-domain certificate
offered that seems like just what I need.  I wonder how I configure my SSLCertificateFile
and SSLCertificateKeyFile directives.  Do I simply point these directives to the same files
within the different ip-based virtual hosts?  Something like this:

<VirtualHost 192.168.0.200:443>
SSLCertificateFile "/files/server.crt"
 SSLCertificateKeyFile "/files/server.key"
</VirtualHost>

<VirtualHost 192.168.0.201:443>
SSLCertificateFile "/files/server.crt"
 SSLCertificateKeyFile "/files/server.key"
</VirtualHost>

<VirtualHost 192.168.0.202:443>
SSLCertificateFile "/files/server.crt"
 SSLCertificateKeyFile "/files/server.key"
</VirtualHost>


-----Original Message-----
From: "Duane Winner" [duane@duanewinner.net]
Date: 06/04/2010 03:23 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] NameVirtualHost Directive - - - - Multiple SSL 
	virtual hosts



On Fri, Jun 4, 2010 at 6:10 PM, Jeff Shearer <jeff@shearer-family.org> wrote:
I have an Apache 2.2 server sitting on a box with one physical address and multiple virtual
addresses.  The physical address servers my name-based virtual hosts where as the virtual
addresses server ip-based virtual hosts.   I read about the NameVirtualHost directive and
tried to implement it but it seems it does nothing but cause error messages.  I tried to
put into the main server config near my listen directives and received an error that there
was no virtual host despite the fact that there are more than one virtual host.

I also tried to put it just before each of the virtual host directives and received errors.

Is this directive needed, everything seems to work fine with out it.

What are the error messages?

For your physical address serving your virtual hosts you should have:

Listen your-physical-ip:80
Listen your-physical-ip:443
NameVirtualHost your-physical-ip7:80
NameVirtualHost your physical-ip:443
...


Then for each virtual host served by physical IP, all you need is:

<VirtualHost virtual.host.fqdn:80>
  ServerName virtual.host.fqdn
   ...
</VirtualHost>


<VirtualHost virtual.host.fqdn:443>
  ServerName virtual.host.fqdn
   ...
</VirtualHost>


Also, for each virtual host, youll need an entry in /etc/hosts:

your-physical-ip     virtual.host.fqdn1
your-physical-ip     virtual.host.fqdn2
etc.


 
In a related matter.  I am having trouble implementing a second https server one of virtual
ip addresses.  Both domains have permanent redirects to the https port.  However, the second
ssl server does not even show up when I conduct a port scan on its ip address.  Yet both
have the same SSL configuration elements.  I have compared the two configurations and I see
absolutely no difference except of course the SSL certificate and server key targets.

When I disable the permanent redirect, I have not trouble getting to the domain on port 80.
  
Is it  possible to run 2 https servers using different virtual addresses on the same physical
server?

Yes -- its not recommended by apache, but its done.

The clients will either get warnings about the certificate being invalid, or you can get a
wildcard certificate if all your virtual ssl hosts use the same domain name (box1.mydomain.com,
box2.mydomain,com, box3.mydomain.com, etc.). Apache still doesnt like this and will spit warnings,
but it works.





 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message