LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 08-03-2004, 04:00 AM   #16
SiegeX
Member
 
Registered: Jul 2004
Location: Silicon Valley, CA
Distribution: Slackware
Posts: 171

Original Poster
Rep: Reputation: 38

Quote:
I works in your case because Apache listen on port TCP 443 (so at the transport layer) and just for one virtual host (so just one IP, network layer), so the adress is already resolved at the transport layer BEFORE SSL (session layer) send the certificate.
I agree with you 100% and you in fact just restated my first point in bold which states:
Quote:
If you just want SSL with one domain you can still use named virtual hosts.
Now as you mentioned you could make SSL live on some random port you just pull out of your hat but we are strictly speaking RFC ports.

I think you are just looking at this at too low of a level. The definition I go by which distinguishes between name-based and ip-based is the use of the NameVirtualHost directive. If you have that, its name based pure and simple. I Just dont see how you can still call it ip-based when NameVirtualHost is staring at you in the face. Perhaps we can meet at the middle, the port 80 vhosts are obviously name-based, but ill agree that the port 443 vhost is somewhat of a "port based" as you put it. There how is that for comprimise

Last edited by SiegeX; 08-03-2004 at 04:03 AM.
 
Old 08-03-2004, 04:20 AM   #17
Cedrik
Senior Member
 
Registered: Jul 2004
Distribution: Slackware
Posts: 2,140

Rep: Reputation: 243Reputation: 243Reputation: 243
I give up man Note that NameVirtualHost may be used to identify your non-secure virtual hosts but this directive will be never used to identify the secure virtual host.
 
Old 08-06-2004, 05:51 AM   #18
vaworx
Member
 
Registered: Nov 2003
Location: Honolulu/HI
Distribution: Slackware current, FreeBSD 4.10, 5.4, 6.2, Debian, RedHat, CentOS, Sun Cobalt OS
Posts: 66

Rep: Reputation: 15
I have also one question regarding Apache w/OpenSSL. When you create the certificate and you make it to www.mydomain.com everything is fine you got to the page with https://www.mydomain.com everything cool you get the check-marks and everything. However, when you access the page from https://mydomain.com (without the www) the certificate is "not valid".
Is there a way so that i could create a certificate for both www.mydomain.com and mydomain.com. I know i cannot use wild-cards such as *mydomain.com so i'm kinda wondering what to do? Any suggestions?
 
Old 08-06-2004, 06:58 AM   #19
Cedrik
Senior Member
 
Registered: Jul 2004
Distribution: Slackware
Posts: 2,140

Rep: Reputation: 243Reputation: 243Reputation: 243
Quote:
I know i cannot use wild-cards such as *mydomain.com so i'm kinda wondering what to do
But you CAN use wild-cards such as *.mydomain.com

When it ask for Common Name, answer *.mydomain.com, you will see

Last edited by Cedrik; 08-06-2004 at 06:59 AM.
 
Old 09-16-2004, 12:36 PM   #20
jml75
Member
 
Registered: Jun 2004
Distribution: Ubuntu 7.10, Debian 4.0
Posts: 49

Rep: Reputation: 15
I have q question, How would I setup vhost if I have three sites, one that has a ssl part and the two others without ssl? And is it possible to do it from behind a fire wall?

Thanx!
 
Old 09-16-2004, 01:37 PM   #21
SiegeX
Member
 
Registered: Jul 2004
Location: Silicon Valley, CA
Distribution: Slackware
Posts: 171

Original Poster
Rep: Reputation: 38
I gave an example on how to do exactly that on the first page of my post. As for the firewall, just make sure you allow ports 80 and 443 from your external NIC.
 
Old 09-16-2004, 02:38 PM   #22
jml75
Member
 
Registered: Jun 2004
Distribution: Ubuntu 7.10, Debian 4.0
Posts: 49

Rep: Reputation: 15
Thanx.

But my firewall is on my router/firewall linux machine. On that machine I have three NICs, one for the DSL connection, one for the internal lan and the other for the DMZ and it is on that card that the apache server is connected.

If I want to use ipbased vhost, will it work? Do I have to configure in a certain way my router/firewall?

Thanx!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache 1.3.33 (debian built) and Apache SSL does not respond to the proper ports lqorg_user Linux - Networking 0 11-06-2005 05:11 PM
DISCUSSION: Apache + SSL Howto SiegeX LinuxAnswers Discussion 1 11-21-2004 12:44 PM
Where's a good Apache2 + SSL Howto groover Linux - Software 4 04-05-2004 08:04 PM
Squid proxy - howto get SSL through? thincritter Linux - Software 0 03-29-2004 11:55 PM
Proftp and ssl howto? Darkangel90 Linux - Security 4 02-10-2004 04:07 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 04:52 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration