I purchased a wildcard SSL cert through my DNS registrar, gandi.net. The cert works great on a straight domain (e.g.
https://example.com); but I am having trouble setting up subdomains.
The subdomain I'm trying to set up is just x.example.com. The response from
https://x.example.com in the web browser is host not found. But remember that
https://example.com works perfectly.
Here is my config from the file /etc/apache2/sites-enabled/example.com:
Code:
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com *.example.com
ServerAdmin mwjones@example.com
DocumentRoot /home/mwjones/www/example.com
<Directory />
Options FollowSymLinks
AllowOverride AuthConfig
</Directory>
<Directory /home/mwjones/www/example.com>
Options -Indexes FollowSymLinks MultiViews
AllowOverride Authconfig
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/example.com_error.log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
CustomLog /var/log/apache2/example.com_access.log combined
ServerSignature On
</VirtualHost>
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com *.example.com
ServerAdmin mwjones@example.com
DocumentRoot /home/mwjones/www/example.com
<Directory />
Options FollowSymLinks
AllowOverride AuthConfig
</Directory>
<Directory /home/mwjones/www/example.com>
Options -Indexes FollowSymLinks MultiViews
AllowOverride Authconfig
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/cert-example.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/mwjones.key
SSLCertificateChainFile /etc/apache2/ssl/GandiStandardSSLCA.pem
SSLVerifyClient None
ErrorLog /var/log/apache2/example.com-ssl_error.log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
CustomLog /var/log/apache2/example.com-ssl_access.log combined
ServerSignature On
</VirtualHost>
<VirtualHost *:443>
ServerName x.example.com
DocumentRoot /home/mwjones/www/example.com/x
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/cert-example.com.crt
SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
SSLCertificateChainFile /etc/apache2/ssl/GandiStandardSSLCA.pem
SSLVerifyClient None
ErrorLog /var/log/apache2/example.com_x-ssl_error.log
LogLevel debug
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
CustomLog /var/log/apache2/example.com_x-ssl_access.log combined
ServerSignature On
</VirtualHost>
The access log is empty, but here are the contents of /var/log/apache2/example.com_x-ssl_error.log with its LogLevel set to debug:
Code:
[Wed Apr 04 09:25:12 2012] [info] Loading certificate & private key of SSL-aware server
[Wed Apr 04 09:25:12 2012] [debug] ssl_engine_pphrase.c(470): unencrypted RSA private key - pass phrase not required
[Wed Apr 04 09:25:25 2012] [info] Configuring server for SSL protocol
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(465): Creating new SSL context (protocols: SSLv3, TLSv1)
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(664): Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(748): Configuring server certificate chain (1 CA certificate)
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(420): Configuring TLS extension handling
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(795): Configuring RSA server certificate
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(834): Configuring RSA server private key
[Wed Apr 04 09:25:25 2012] [info] Loading certificate & private key of SSL-aware server
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_pphrase.c(470): unencrypted RSA private key - pass phrase not required
[Wed Apr 04 09:25:25 2012] [info] Configuring server for SSL protocol
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(465): Creating new SSL context (protocols: SSLv3, TLSv1)
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(664): Configuring permitted SSL ciphers [ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL]
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(748): Configuring server certificate chain (1 CA certificate)
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(420): Configuring TLS extension handling
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(795): Configuring RSA server certificate
[Wed Apr 04 09:25:25 2012] [debug] ssl_engine_init.c(834): Configuring RSA server private key
What am I missing and how do I fix this?