LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   configuring secured name based virtual host (https://www.linuxquestions.org/questions/linux-security-4/configuring-secured-name-based-virtual-host-546663/)

bzlaskar 04-17-2007 02:24 AM

configuring secured name based virtual host
 
Hi, All

I am trying to configure a secured name based virtual domains. I have
created to virtual domains. One is www.iqnet.in and another is
mail.iqnet.in. I want mail.iqnet.in to use https. For that I have done the following configurations in
/etc/httpd/conf/httpd.conf file.

Listen 192.168.117.222:80

NameVirtualHost 192.168.117.222

<VirtualHost 192.168.117.222:80>
ServerAdmin z...@iqnet.in
DocumentRoot /var/www/html/www.iqnet.in
ServerName www.iqnet.in
ErrorLog logs/www.iqnet.in-error_log
CustomLog logs/www.iqnet.in-access_log common
</VirtualHost>

<VirtualHost 192.168.117.222:443>
SSLCertificateFile /etc/httpd/conf/ssl.crt/localhost.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
ServerAdmin z...@iqnet.in
DocumentRoot /var/www/html/mail.iqnet.in
ServerName mail.iqnet.in
ErrorLog logs/mail.iqnet.in-error_log
CustomLog logs/mail.iqnet.in-access_log common
</VirtualHost>

When I restart the httpd service , it starts successfully without any
error. But when I try to acces the mail.iqnet.in or www.iqnet.in , the site does not opens .
Also , I am using self signed CA certificate.I am using apache 2.2 in
Fedora Core 6. please help me out in making this configuration work.

With thanks .

bathory 04-17-2007 03:06 AM

It seems that mail.iqnet.in does not have a dns entry, so it couldn't be found. You should correct this first. As for apache if you use just httpd.conf to setup secure and non secure vhosts change the Listen directive to:
Code:

Listen 80 443

d@@b 04-17-2007 11:14 AM

Like said above, name resolution might be your problem. For testing purpose, try to add mail.iqnet.in into the host file or add an entry into your dns server. I found the -S switch usefull when making sure that the vhost are configured correctly.
Code:

httpd -S

bzlaskar 04-18-2007 04:27 AM

Quote:

Originally Posted by bathory
It seems that mail.iqnet.in does not have a dns entry, so it couldn't be found. You should correct this first. As for apache if you use just httpd.conf to setup secure and non secure vhosts change the Listen directive to:
Code:

Listen 80 443



mail.iqnet.in does have a dns entry and name resolution is taking place correctly.


I have put the Listen directive in /etc/httpd/conf/httpd.conf , but still it is now working.

bathory 04-19-2007 06:05 AM

Take a look at the output of
Code:

netstat -tan
to see if both 80 and 443 are open and listening. Then point your browser to http://www.iqnet.in and https://mail.iqnet.in and take a look at the error_log to see if you can find any errors.

Regards


All times are GMT -5. The time now is 07:23 AM.