LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
Reload this Page SSL & NameBased VirtualHost ??
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 12-12-2004, 04:24 PM   #1
RHrulz
Member
 
Registered: Jul 2002
Location: Troy, KS
Distribution: Mandrake 10.1
Posts: 57

Rep: Reputation: 15
Question SSL & NameBased VirtualHost ??

Does anyone know if this is actually possible?

I am running Mandrake 10.1 as a mail server, got qmail running and everything works fine. I am running Apache 2.0. I want to get my Squirrelmail login secure. I figured I could use SSL and put some setting in the conf files. I have had no luck.

then I see this:

From Redhat.com:

You can not use name based virtual hosts with SSL, because the SSL handshake (when the browser accepts the secure Web server's certificate) occurs before the HTTP request which identifies the appropriate name based virtual host. If you want to use name-based virtual hosts, they will only work with your non-secure Web server.

From Apache.org:

Name-based virtual hosting cannot be used with SSL secure servers because of the nature of the SSL protocol.

But then it goes on to say:

If you're planning to use multiple ports (e.g. running SSL) you should add a Port to the argument, such as *:80.

Anyone have SSL working for NameBased Virtual host?
 
Old 12-12-2004, 05:33 PM   #2
Butt-Ugly
Member
 
Registered: Nov 2004
Location: Brisbane, Australia
Distribution: Fedora Core 5
Posts: 89

Rep: Reputation: 15
If you have SSL running, you can force all your webmail to https before they login, this ensures your users are protected. It also stops them from adjusting URL to http.

Code:
<VirtualHost *:80>
    DocumentRoot /var/www/html
    ServerName www.example.com:80
    ServerAdmin admin@example.com
    RewriteEngine On
    RewriteCond %{SERVER_PORT} ^80$
    RewriteRule ^/webmail/(.*) https://%{SERVER_NAME}/webmail/$1 [R,L]
    RewriteLog /var/log/httpd/rewrite_engine_log
    RewriteLogLevel 3
</VirtualHost>
For those that want to create their own SSL certificates (2 yr life)

Code:
openssl req -new -out new.cert.csr
openssl rsa -in privkey.pem -out new.cert.key
openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 730


cp new.cert.key /etc/httpd/conf/ssl.key/server.key
cp new.cert.cert /etc/httpd/conf/ssl.crt/server.crt
Remember to keep your private keys save...

Hope this helps.

Miles
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache & SSL Kronux Linux - Networking 2 08-24-2005 08:44 AM
Previewing NameBased Sites - please help calmbomb Linux - General 1 11-03-2004 02:49 PM
Apache & VirtualHost nIMBVS Slackware 2 10-27-2004 03:01 PM
SSL Configuration on an Apache VirtualHost sancho5 *BSD 6 07-29-2002 08:09 AM
xchat & ssl, help! patroche Linux - Software 0 06-14-2002 11:46 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 10:53 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration