setting up virtual hosts

Madone_SL_5.5 · 07-04-2008, 11:33 AM

I'm new to virtual hosting, and also to ssl. I have both up and running tolerably well on my web server running Fedora 9, but have run into a couple of questions.

First, as you can see from the quote bellow, I have one site (firsthost.org) that is partly open and partly ssl. The open portion reads from the directory I have specified (/var/www/html/firsthost/), but the ssl portion bases itself from the /var/www/html/ directory even though I have specified /var/www/html/firsthost/ssl/ as its home directory. It doesn't care about the home directory specification. Why is this?

Second, is it acceptable for me to resolve both www.firsthost.org and firsthost.org by using the wildcard *.firsthost.org as in the first specified virtual host? Is there a better way? It does seem to work just fine.

The end of my httpd.conf file is as follows:

Quote:

NameVirtualHost *:80
#
# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.
#

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
# ServerAdmin webmaster@dummy-host.example.com
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog logs/dummy-host.example.com-error_log
# CustomLog logs/dummy-host.example.com-access_log common
#</VirtualHost>

<VirtualHost *:80>
ServerName *.firsthost.org
DocumentRoot /var/www/html/firsthost/
</VirtualHost>

<VirtualHost *:80>
ServerName www.secondhost.com
DocumentRoot /var/www/html/secondhost/
</VirtualHost>

<IfDefine SSL>
<VirtualHost _default_:443>
ServerName *.firsthost.org
DocumentRoot /var/www/html/firsthost/ssl/
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key
</VirtualHost>
</IfDefine>

Thanks for any suggestions.

harry edwards · 07-04-2008, 03:45 PM

Have you tried explicitly stating the hosts as a named virtual host? In my experience it reads better and works:

Code:

# IP of server
NameVirtualHost 1.2.3.4 # Change this


<VirtualHost 1.2.3.4:80>
ServerName www.firsthost.org
DocumentRoot /var/www/html/firsthost/
</VirtualHost>

<VirtualHost 1.2.3.4:80>
ServerName www.secondhost.com
DocumentRoot /var/www/html/secondhost/
</VirtualHost>

<VirtualHost 1.2.3.4:443>
ServerName www.firsthost.org
DocumentRoot /var/www/html/firsthost/ssl/
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key
</VirtualHost>

This URL cover the topic quite well http://httpd.apache.org/docs/1.3/vhosts/examples.html

vovaNux · 07-05-2008, 08:12 AM

Try also this link: http://www.lampdocs.com/blog/2008/04...st-that-works/

Wim Sturkenboom · 07-05-2008, 02:29 PM

Apache determines the virtual host based on the url that it receives. However, when you use ssl, that is encrypted and apache can not determine which host is requested. That is why you need to use ip-based virtual hosting and not name-based virtual hosting for the ssl site.

So my solution would be the same as in post 2, but only an ip-address for the ssl based site.

Mr. C. · 07-05-2008, 04:19 PM

Or you can redirect to a different port, where you run a single SSL host.