LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 03-09-2011, 03:53 AM   #1
yoachan
Member
 
Registered: Nov 2009
Posts: 107

Rep: Reputation: 16
https and http for one domain name


Dear all,

I'm using a box running CentOS 5.5 powered with Apache2. In this machine I hosted several domains and sub domains, managed by Apache's virtual host.

Due to security issue, one sub domain needs to be able to be accessed either using http or https.
My question is:
  1. Is it possible to set a sub domain to be able to be reached using both http and https?
  2. If it's possible, how to make it happens?

any help appreciated.

regards,

Yoachan
 
Old 03-09-2011, 04:18 AM   #2
vishnu_sreekumar
Member
 
Registered: Jan 2006
Location: India
Distribution: Ubuntu, RHEL, Debian
Posts: 49

Rep: Reputation: 20
Yes, what you're trying to do is possible in apache (apart from the given data, I'm assuming that the server got a static IP and no other https domains are served via this IP). I'll just brief what you need to do to configure the subdomain with both http and https. There might be many step by step tutorials available on this so feel free to google and find one if you need more detailed information :P

1) Purchase an SSL certificate for the specific domain.
2) Make sure your apache server is compiled with mod_ssl, if not install and enable mod_ssl
3) Copy the certificate and private key to the specific locations (check the virtualhost configuration given below)
4) Create a virtual host entry for your subdomain (this will serve the domain via http)
5) Create one more virtual host entry like this
Code:
<VirtualHost YOUR_STATIC_IP:443>
     ServerName sub.yourdomain.com
     DocumentRoot /path/to/docroot
     SSLEngine on
     SSLProxyEngine on
     SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
     SSLProtocol all -SSLv2
     SSLCertificateFile /etc/pki/tls/certs/yourcert.crt
     SSLCertificateKeyFile /etc/pki/tls/private/yourkey.key
     ErrorLog logs/sub.yourdomain.com-ssl_error_log
     CustomLog logs/sub.yourdomain.com-ssl_access_log common
     LogLevel warn
</VirtualHost>
6) Check the syntax of the config files and restart the server. Your sub-domain should be accessible at both http and https.
Hope this will help you to get started
 
1 members found this post helpful.
Old 03-09-2011, 08:44 PM   #3
yoachan
Member
 
Registered: Nov 2009
Posts: 107

Original Poster
Rep: Reputation: 16
@Vishnu:

Thanks for your quick and brief reply.
I will give it a shot.

About your statement
Quote:
I'm assuming that the server got a static IP and no other https domains are served via this IP
What's the difference if I have other https domain served via this IP. Just in case I need to make another https next time

warm regards,

Yoachan
 
Old 03-10-2011, 04:11 AM   #4
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
Quote:
What's the difference if I have other https domain served via this IP. Just in case I need to make another https next time
In https, the connections are established via IP without any knowledge of the host name. This means that if you try to have multiple vhosts that are secure, that the additional hosts will get the security cert that is identified with the first host, not the intended one, and this is an error in the strict sense as the site will be wrong. Depending on your needs, this may not be an issue. For example, if you are using it to access your own Webmail do you care if the cert is strictly valid as long as you know it is your server. You can also look into a function called SNI, Server Name Indication, and there have been some threads here discussing how to implement it.
 
Old 03-13-2011, 06:52 AM   #5
yoachan
Member
 
Registered: Nov 2009
Posts: 107

Original Poster
Rep: Reputation: 16
@Noway2: Thanks for your reply
It really help me to understand

thanks
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
one domain on 443 and other on 80 but https on 80 domain need to be stopped majid Linux - General 0 08-30-2006 07:24 PM
Can I run apache http and https on different servers for one domain? izghitu Linux - Software 1 07-04-2006 12:58 PM
http and https wennie Linux - Software 1 04-01-2005 11:47 AM
HTTP to HTTPS shegde Linux - Software 8 01-31-2003 04:29 AM
https or http? antken Programming 3 10-30-2002 05:06 PM


All times are GMT -5. The time now is 05:49 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration