LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices

Reply
 
Search this Thread
Old 04-11-2004, 11:57 PM   #1
jrbush82
Member
 
Registered: Mar 2002
Location: Hampton, VA
Posts: 86

Rep: Reputation: 15
Mulltiple SSL Virtual Hosts w/Apache


Howdy everyone... this is a tricky one, at least for me it is.

I am trying to setup multipe ssl virtual hosts, each with their own certificate with apache. Here is what I have, and it isn't working.

Code:
<VirtualHost _default_:443>

DocumentRoot "/usr/local/apache2/htdocs/bushylegg"
ServerName www.bushylegg.com:443
ServerAdmin jrbush82@yahoo.com
ErrorLog /usr/local/apache2/logs/error_log
TransferLog /usr/local/apache2/logs/access_log
SSLEngine on
SSLCipherSuite  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSL
v2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/bushylegg.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/bushylegg.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache2/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog /usr/local/apache2/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>
Now that is the default, now I am trying to setup a subdomain that has a seperate certificate. Here is what I have:

Code:
<VirtualHost test.bushylegg.com:443>

DocumentRoot "/usr/local/apache2/htdocs/bushylegg.test"
ServerName test.bushylegg.com:443
ServerAdmin jrbush82@yahoo.com
ErrorLog /usr/local/apache2/logs/error_log
TransferLog /usr/local/apache2/logs/access_log
SSLEngine on
SSLCipherSuite  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSL
v2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache2/conf/ssl.crt/bushylegg.test.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/bushylegg.test.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache2/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog /usr/local/apache2/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>
The problem is, when I goto https://www.bushylegg.com, the site comes up with the message, this cert has a valid name and valid date and invalid certificate authority, which is right. But... when I goto https://test.bushylegg.com, the site only has a valid date, and now has an invlad name. It seems it is reading the default certificate for the bushylegg.com domain, rather than the new one I specified for the subdomain.

Any ideas on how to fix this?

Thanks in advance,
Jason Bush
 
Old 04-12-2004, 08:17 AM   #2
pembo13
Member
 
Registered: May 2003
Location: Caribbean
Distribution: Fedora Core2
Posts: 403

Rep: Reputation: 30
I am no pro. But trying putting the default entry last.
 
Old 04-12-2004, 11:01 AM   #3
SlackMaster
Member
 
Registered: Mar 2003
Distribution: Slackware
Posts: 35

Rep: Reputation: 15
My understanding is that this cannot be done:
-Multiple SSL VirtualHosts on a single IP address and port combination.

The wording of the comments in the ssl.conf file can lead you to assume that this can be done as easily as the non-SSL name-based virtual hosting.

Here's the link to the Apache 2.0 FAQ on this:
http://httpd.apache.org/docs-2.0/ssl...q.html#vhosts2
 
Old 04-12-2004, 02:49 PM   #4
jrbush82
Member
 
Registered: Mar 2002
Location: Hampton, VA
Posts: 86

Original Poster
Rep: Reputation: 15
Ah, well that makes since, I thought I had pretty much gone through the entire apache website looking for ways to do this, guess I was wrong. Thanks for pointing that out... Damn, there goes a few hours of my life.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
vsftpd, web uploads, vsftpd virtual users, apache virtual hosts, home directories jerryasher Linux - Software 7 02-18-2007 06:29 AM
apache-ssl setup virtual hosts notolerance Linux - Software 3 12-22-2005 04:20 PM
Apache + SSL + Virtual Hosts otisthegbs Linux - Software 3 10-05-2004 07:59 PM
Apache2, SSL, 2 Virtual Hosts franticbob Linux - Software 0 04-07-2004 09:48 PM
Apache: Virtual hosts pk21 Linux - Software 15 10-08-2002 05:08 PM


All times are GMT -5. The time now is 03:28 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration