Hello everyone. I recently got Apache (1.0.49) up and running with openssl and everything seems to be working just fine.

I have one vhost I wanted working over SSL. All others I want to be standard http. So, I have my 1 vhost (foo.mydomain.com) listening on port 443, all others listen on 80.

For arguments sake:

foo.mydomain.com:443
mydomain.com:80
bar.mydomain.com:80

However, *all* requests sent over https:// go to foo.mydomain.com instead of say mydomain.com or bar.mydomain.com (it catches *everything*, even thissubdomaindoesntexist.mydomain.com). I don't want anything to work over SSL except requests sent specifically to foo.mydomain.com.

My first thought was to specify this in my vhost directive:

<VirtualHost foo.mydomain.com:443>
ServerName foo.mydomain.com

instead of

<VirtualHost *:443>
ServerName foo.mydomain.com

But it still grabs *all* https requests. So then I thought I might create a second vhost that also listens on 443 (ala <VirtualHost *:443>) which has a document root equivalent to mydomain.com's docroot, but still, foo.mydomain.com:443 is catching *everything*

Any idea what to do? I don't want any https requests to go through unless foo.mydomain.com is specified exactly.

I hope your apache version is not 1.0.49 as you stated (!?).

First thing is that you're using name based virtual hosting.

For accuracy it's best - IMHO - to use ip based virtual hosts. (<Virtualhost nn.nn.nn.nn:nnn>)

If you GET / from hostname.blah.cxm:443 , apache will be resolving hostname.blah.cxm to the real ip and that ip will always be the same one and so it will end up at - you guessed it ... -> ip:443.


I'll have a fiddle when I've more time.