LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 01-08-2004, 12:28 AM   #1
hjunk86
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Rep: Reputation: 0
Angry Apache + Mod SSL driving me bonkers


Hey everyone,

I just wondered if somebody who knows a little about apache and ssl would give me a hand with my problem. I have an apache 2 server running on a redhat 8 machine that has been working fine (running about 3-4 virutal hosts) for a few months now.

I wanted to try out a program that needed a https server, so I would really like to run the https server as just a virtualhost on the server i already have.

I am sure that my SSL certs are all set-up properly, and mod-ssl is all working, but I seem to be having trouble.

When I set SSLEngine On in the virtual host that I created (port 443) for my new https server, it works fine, but all the other virtual hosts give me a bad request (http error 400) when i try to view them, and they try to push me to an https version of the page (like if the virtual host were normally accessed by http--- after turning on SSLEngine, it makes me go to https--- which really isn't very handy).

I've found some information online about Port and Listen commands, but the port commmands aren't compatible with the newer versions of Apache. Is what I am trying to do actually possible? According to the mod_ssl documentation, it is, but it doesn't go into any detail at all.

Thanks for any assistance you can provide,
Hjunk86
 
Old 01-08-2004, 02:26 AM   #2
je_fro
Member
 
Registered: Nov 2002
Location: /texas/austin/home/desk
Distribution: Gentoo
Posts: 341

Rep: Reputation: 30
I'm pretty sure ssl won't run alongside virtual hosts. Check apache.org. I read it there somewhere.
 
Old 01-08-2004, 09:44 AM   #3
Noerr
Member
 
Registered: May 2002
Location: Dalec, HU
Distribution: Redhat 7.3
Posts: 696

Rep: Reputation: 30
you need to specify https virtual hosts completely seprate from http vh.
and then again you can only have 1 ssl host/ip or /port
 
Old 01-08-2004, 07:02 PM   #4
hjunk86
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Unhappy Still troubled...

Thanks for replying,

I don't think you are quite right about it running with virutal hosts. If you look on mod_ssl's website, they specifically say you can:

"Yes, HTTP and HTTPS use different server ports, so there is no direct conflict between them. Either run two separate server instances (one binds to port 80, the other to port 443) or even use Apache's elegant virtual hosting facility where you can easily create two virtual servers which Apache dispatches: one responding to port 80 and speaking HTTP and one responding to port 443 speaking HTTPS."

Also, (Noerr), what do you mean by "specify virtual hosts completely seprate from http vh." I thought of this originally, but wasn't too sure how to implement it. I have an ssl.conf file in my conf.d directory (under the httpd directory), that I originally put the single https virtual host in, but it doesn't seem to make a difference where it is...I still experience the same problem.

Thanks,
Hjunk86
 
Old 01-08-2004, 08:59 PM   #5
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
In order to run two SSL websites on the same server you have to do one of the following:
- each site on a different IP address
- each site on a different port on same IP address

This needs to be done because Apache does not decrypt the request until it knows where to send it. The only way that it know is by by differentating the IP address or the port.

The quote that you included refers to a non-SSL and SSL site sharing the same IP address but on different port (80 and 443), which is not a problem. Multiple non-SSL virtual hosts on the same IP and port combination are not a problem, because the request is in plain text and Apache knows which virtual host to send the request to.

Last edited by stickman; 01-08-2004 at 09:01 PM.
 
Old 01-09-2004, 02:16 AM   #6
hjunk86
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Unhappy Confusion

Hello again,

Sorry, but I don't think you understand. I must not have been very clear with my initial question. I would like to only run one https server, but I would like to run about 4-5 regular (http, port 80) virtual hosts on the same apache + mod_ssl server. Is this possible?

Thanks,
Hjunk86
 
Old 01-09-2004, 09:17 AM   #7
stickman
Senior Member
 
Registered: Sep 2002
Location: Nashville, TN
Posts: 1,552

Rep: Reputation: 53
Yes, it's completely possible. Just read the Virtual Hosts documentation on the Apache site.
 
Old 01-10-2004, 01:36 PM   #8
hjunk86
LQ Newbie
 
Registered: Jan 2004
Posts: 5

Original Poster
Rep: Reputation: 0
Thanks for the tips,

I have fixed the problem now...Turns out that I needed to use the NameVirtualHosts entry in my server. The only thing I experience now is the following warning when I start apache:

[warn] NameVirtualHost xxx.xxx.xxx:0 has no VirtualHosts

It doesn't seem to affect anything at all, but it's strange that it says port 0, as I only have apache listening on 80 and 443.

Thanks,
hjunk86
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
apache2 + mod-ssl keeps loading the default localhost.xxxxxx cert STEBEL Linux - Newbie 3 11-26-2005 08:49 AM
mod ssl on Redhat dvong3 Linux - Newbie 1 07-19-2005 01:22 PM
mod-ssl connection refused squeaks_27 Linux - Networking 3 05-31-2005 12:45 PM
Apache + Mod SSL abhijeetudas Linux - Software 0 01-05-2005 03:34 PM
Apache + Mod SSL driving me bonkers hjunk86 Linux - Software 1 01-09-2004 10:46 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 04:25 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration