Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
 
 
Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 8th December 2005, 05:59
Creator1326 Creator1326 is offline
Junior Member
 
Join Date: Dec 2005
Posts: 2
Thanks: 0
Thanked 0 Times in 0 Posts
Default Apache2 and multiple SSL configs and name based virtual hosting

Apache/2.0.55 DAV/2 PHP/5.0.4 mod_ssl/2.0.55 OpenSSL/0.9.7i

I have two virtual hosts that need SSL certs and I have them configured but which ever one is listed is the one that sends out it's cert and overrides the other SSL config.

I have tried to place IfDefines around the two SSL virtual hosts but still a no go, I can't figure out how to separate them to keep the SSL certs from overlapping. Any Ideas?

above them are some related stuff and not necessarily in this order:
Listen 172.16.0.2:80
Listen 172.16.0.2:443
NameVirtualHost 172.16.0.2:80
NameVirtualHost 172.16.0.2:443

AcceptMutex flock
SSLProtocol all
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/opt/apache2/logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex flock:/opt/apache2/logs/ssl_mutex
SSLRandomSeed startup builtin

here's a one of the two SSL vhosts both are subdomains of two diffferent domains.

<VirtualHost host.domain.org:443>
# General setup for the virtual host
DocumentRoot /opt/apache2/htdocs/host
#ServerName has to match the server you entered into the CSR
ServerName host.domain.org
ServerAdmin webmaster@domain.org
ErrorLog logs/host-error_log
TransferLog logs/host-access_log
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
SSLProtocol all
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSL v2:+EXP:+eNULL
# Path to your certificates and private key
SSLCertificateFile /opt/apache2/conf/ssl.crt/host.crt
SSLCertificateKeyFile /opt/apache2/conf/ssl.key/host.key
SSLCACertificateFile /opt/apache2/conf/ssl.crt/ca.crt
<Files ~ "\.(cgi|shtml|phtml|php3?|php5?)$">
SSLOptions +StdEnvVars
</Files>
<Directory /opt/apache2/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
# correction for browsers that don't always handle SSL connections well
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
Reply With Quote
Sponsored Links
 

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +2. The time now is 14:15.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.