LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   Apache + Mod SSL driving me bonkers (https://www.linuxquestions.org/questions/linux-software-2/apache-mod-ssl-driving-me-bonkers-132615/)

hjunk86 01-07-2004 11:28 PM

Apache + Mod SSL driving me bonkers
 
Hey everyone,

I just wondered if somebody who knows a little about apache and ssl would give me a hand with my problem. I have an apache 2 server running on a redhat 8 machine that has been working fine (running about 3-4 virutal hosts) for a few months now.

I wanted to try out a program that needed a https server, so I would really like to run the https server as just a virtualhost on the server i already have.

I am sure that my SSL certs are all set-up properly, and mod-ssl is all working, but I seem to be having trouble.

When I set SSLEngine On in the virtual host that I created (port 443) for my new https server, it works fine, but all the other virtual hosts give me a bad request (http error 400) when i try to view them, and they try to push me to an https version of the page (like if the virtual host were normally accessed by http--- after turning on SSLEngine, it makes me go to https--- which really isn't very handy).

I've found some information online about Port and Listen commands, but the port commmands aren't compatible with the newer versions of Apache. Is what I am trying to do actually possible? According to the mod_ssl documentation, it is, but it doesn't go into any detail at all.

Thanks for any assistance you can provide,
Hjunk86

je_fro 01-08-2004 01:26 AM

I'm pretty sure ssl won't run alongside virtual hosts. Check apache.org. I read it there somewhere.

Noerr 01-08-2004 08:44 AM

you need to specify https virtual hosts completely seprate from http vh.
and then again you can only have 1 ssl host/ip or /port

hjunk86 01-08-2004 06:02 PM

Still troubled...
 
Thanks for replying,

I don't think you are quite right about it running with virutal hosts. If you look on mod_ssl's website, they specifically say you can:

"Yes, HTTP and HTTPS use different server ports, so there is no direct conflict between them. Either run two separate server instances (one binds to port 80, the other to port 443) or even use Apache's elegant virtual hosting facility where you can easily create two virtual servers which Apache dispatches: one responding to port 80 and speaking HTTP and one responding to port 443 speaking HTTPS."

Also, (Noerr), what do you mean by "specify virtual hosts completely seprate from http vh." I thought of this originally, but wasn't too sure how to implement it. I have an ssl.conf file in my conf.d directory (under the httpd directory), that I originally put the single https virtual host in, but it doesn't seem to make a difference where it is...I still experience the same problem.

Thanks,
Hjunk86

stickman 01-08-2004 07:59 PM

In order to run two SSL websites on the same server you have to do one of the following:
- each site on a different IP address
- each site on a different port on same IP address

This needs to be done because Apache does not decrypt the request until it knows where to send it. The only way that it know is by by differentating the IP address or the port.

The quote that you included refers to a non-SSL and SSL site sharing the same IP address but on different port (80 and 443), which is not a problem. Multiple non-SSL virtual hosts on the same IP and port combination are not a problem, because the request is in plain text and Apache knows which virtual host to send the request to.

hjunk86 01-09-2004 01:16 AM

Confusion
 
Hello again,

Sorry, but I don't think you understand. I must not have been very clear with my initial question. I would like to only run one https server, but I would like to run about 4-5 regular (http, port 80) virtual hosts on the same apache + mod_ssl server. Is this possible?

Thanks,
Hjunk86

stickman 01-09-2004 08:17 AM

Yes, it's completely possible. Just read the Virtual Hosts documentation on the Apache site.

hjunk86 01-10-2004 12:36 PM

Thanks for the tips,

I have fixed the problem now...Turns out that I needed to use the NameVirtualHosts entry in my server. The only thing I experience now is the following warning when I start apache:

[warn] NameVirtualHost xxx.xxx.xxx:0 has no VirtualHosts

It doesn't seem to affect anything at all, but it's strange that it says port 0, as I only have apache listening on 80 and 443.

Thanks,
hjunk86


All times are GMT -5. The time now is 09:44 AM.