Welcome to MobyThreads.com!
FAQFAQ      ProfileProfile    Private MessagesPrivate Messages   Log inLog in
All support for the MobyThreads Threaded phpBB MOD can now be found on welsolutions at this forum

Virtual hosts and SSL?

  
   Web Hosting and Web Master Forums (Home) -> Apache RSS
Next:  attempted intrusion?  
Author Message
karl_mcauley

External


Since: Jul 12, 2003
Posts: 1



(Msg. 1) Posted: Sat Jul 12, 2003 12:49 pm
Post subject: Virtual hosts and SSL?
Archived from groups: alt>apache>configuration (more info?)
Hello

I'm trying to setup this apache 1.3 server for virtual hosts, with
ssl. I've got the normal port 80 working, but the SSL is a bit of a
mess.

If I have the SSL pages in the real part of the server, ie,
https://www.example.com/fred/index.htm then they work, but if they're
in the virtual part: https://www.example1.com/fred/index.htm then I
get a 404 - File not found error.

If I do a symbolic link to the pages in the real part of the server
then they work when using a virtual address.
ln -s /httpd/html/fred /httpd/example1/fred

I have set the virtual hosts as these (I've cut out the irelivant
settings)

UseCanonicalName Off

NameVirtualHost 10.10.32.11:80
NameVirtualHost 192.168.1.100:443

<VirtualHost 10.10.32.11:80>
ServerName example1.com
DocumentRoot /httpd/example1
</virtualHost>

<VirtualHost 10.10.32.11:80>
ServerName example2.com
DocumentRoot /httpd/example2
</virtualHost>

<VirtualHost 192.168.1.100:443>
ServerName example1.com
Port 443
DocumentRoot /httpd/example1
</VirtualHost>

<VirtualHost 192.168.1.100:443>
ServerName example2.com
Port 443
DocumentRoot /httpd/example2
</VirtualHost>

The 10.10.32.11 is the servers real IP address, the 192.168.1.100 is
an alias:

/sbin/ifconfig eth0:0 192.168.1.100
/sbin/route add -host 192.168.1.100 eth0:0

The server is behind a firewall and NAT is used to access it from the
outside.

I don't want a certificate or anything, and can put up with the
warning message from the browser, But I do want a secure connection
for people to login with.

The rest of the settings for the SSL part in the httpd.conf havn't
been changed.

Can anyone help

Thanks.
--
Karl McAuley
mailto:karl_mcauley@yahoo.com
http://www.g7smy.f9.co.uk
Remove *NOSPAM* in address when replying

 >> Stay informed about: Virtual hosts and SSL? 
Back to top
Login to vote
mcp

External


Since: Jul 14, 2003
Posts: 14



(Msg. 2) Posted: Mon Jul 14, 2003 8:07 pm
Post subject: Re: Virtual hosts and SSL? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
 > I'm trying to setup this apache 1.3 server for virtual hosts, with
 > ssl. I've got the normal port 80 working, but the SSL is a bit of a
 > mess.
[cut]
 > <VirtualHost 192.168.1.100:443>
 > ServerName example1.com
 > Port 443
 > DocumentRoot /httpd/example1
 > </VirtualHost>
 >
 > <VirtualHost 192.168.1.100:443>
 > ServerName example2.com
 > Port 443
 > DocumentRoot /httpd/example2
 > </VirtualHost>
AFAIK you can only have _one_ ssl virtual-host per ip-port combination.

 > I don't want a certificate or anything, and can put up with the
 > warning message from the browser, But I do want a secure connection
 > for people to login with.
How is the server supposed to do encryption without a certificate?


Martin<!-- ~MESSAGE_AFTER~ -->

 >> Stay informed about: Virtual hosts and SSL? 
Back to top
Login to vote
nospam20

External


Since: Aug 06, 2003
Posts: 51



(Msg. 3) Posted: Wed Jul 16, 2003 7:02 pm
Post subject: Re: Virtual hosts and SSL? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Martin C. Petersen wrote:

 > AFAIK you can only have _one_ ssl virtual-host per ip-port combination.

Are you sure? Anybody else?<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Virtual hosts and SSL? 
Back to top
Login to vote
mcp

External


Since: Jul 14, 2003
Posts: 14



(Msg. 4) Posted: Wed Jul 16, 2003 8:34 pm
Post subject: Re: Virtual hosts and SSL? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
"Mary Pegg" <nospam.RemoveThis@widetrouser.freeserve.co.uk> skrev i en meddelelse
news:JNdRa.10430$ju6.199123@newsfep4-glfd.server.ntli.net...
  > > AFAIK you can only have _one_ ssl virtual-host per ip-port combination.
 >
 > Are you sure? Anybody else?
<a style='text-decoration: underline;' href="http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47" target="_blank">http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47</a>


Martin<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Virtual hosts and SSL? 
Back to top
Login to vote
nospam20

External


Since: Aug 06, 2003
Posts: 51



(Msg. 5) Posted: Wed Jul 16, 2003 8:52 pm
Post subject: Re: Virtual hosts and SSL? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Martin C. Petersen wrote:

 > "Mary Pegg" <nospam.TakeThisOut@widetrouser.freeserve.co.uk> skrev i en meddelelse
 > news:JNdRa.10430$ju6.199123@newsfep4-glfd.server.ntli.net...
   >> > AFAIK you can only have _one_ ssl virtual-host per ip-port combination.
  >>
  >> Are you sure? Anybody else?
<font color=purple> > <a style='text-decoration: underline;' href="http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47</font" target="_blank">http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47</font</a>>

Many thanks for the swift response. You've saved me from wasting
yet more time on trying to implement the impossible.

There's a cold beer for you in Cambridge, England...<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Virtual hosts and SSL? 
Back to top
Login to vote
kd6lvw

External


Since: Nov 02, 2003
Posts: 31



(Msg. 6) Posted: Wed Jul 16, 2003 11:51 pm
Post subject: Re: Virtual hosts and SSL? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
On Wed, 16 Jul 2003, Mary Pegg wrote:
 > Martin C. Petersen wrote:
 >
  > > AFAIK you can only have _one_ ssl virtual-host per ip-port combination.
 >
 > Are you sure? Anybody else?

This is basically true.

There is a way to have more than one virtual-host under an IP/port, but ALL
such virtual hosts must then SHARE the same certificate(s). Whether or not the
SSL system will accept this is another issue - and it will probably depend on
having multiple "common name" fields (if possible) or domains that are all
sub-domains of the same master domain name. That is an issue outside of the
web server program itself.

The reason for this is that the encryption occurs before the request is
received - and only from the request can one determine which virtual host the
request is for.<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Virtual hosts and SSL? 
Back to top
Login to vote
nospam20

External


Since: Aug 06, 2003
Posts: 51



(Msg. 7) Posted: Thu Jul 17, 2003 1:01 am
Post subject: Re: Virtual hosts and SSL? [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
D. Stussy wrote:

 > There is a way to have more than one virtual-host under an IP/port, but
 > ALL
 > such virtual hosts must then SHARE the same certificate(s). Whether or

I was going to ask next how this could be done.

 > not the SSL system will accept this is another issue - and it will
 > probably depend on having multiple "common name" fields (if possible) or
 > domains that are all
 > sub-domains of the same master domain name. That is an issue outside of
 > the web server program itself.

Yup, I figured by using a "wildcard" SSL cert it should work with
subdomains. As it is we've decided to ask for more IP addresses,
particularly as we hope to scale up to separate machines in due
course anyway.

 > The reason for this is that the encryption occurs before the request is
 > received - and only from the request can one determine which virtual host
 > the request is for.

Very succintly put, and if anybody here is compiling a FAQ...?

I'd always kinda assumed that the body was encrypted, not the
whole shebang. Well hey, I learnt something today.<!-- ~MESSAGE_AFTER~ -->
 >> Stay informed about: Virtual hosts and SSL? 
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Virtual Hosts? - I'm wanting to use one IP address to host multiple domains, ie web hosting. I assume that "virtual hosts" are the thin I need to focus on here and is this basically a similar concept to Host Headers in IIS 5.0? I'm running Windows 2000 with Apa...

local virtual hosts - i've read many posts about this subject, but none have been exactly what i'm looking for. I have Apache 2.0.46 running Redhat 9. This PC along with 3 others are on a Dl-614+ router. I want to use the redhat machine as a development server for several....

Virtual Hosts :: logs - Hey all- I have apache 2.0.46 running the following virtual hosts, plus a few more: <VirtualHost *> ServerName www.awhc.org DocumentRoot "/home/awhc/www/" </VirtualHost> <VirtualHost *> ServerName awhc.org Doc...

Configuring virtual hosts on an intranet - I have seen how to configure virtual hosts by name when a server in connected to the internet. But can it be done when working in an intranet and you don't have DNS and you normally enter http://localipaddress. I would like to give a couple of people in ...

Virtual Hosts on seperate machines? - Hey Everyone, Simple question that I've not been able to figure out. I thought this was possible but now am about to accept it isn't. What I need to do is to set up a master machine with apache and then route traffic to other apache webserver based on..
   Web Hosting and Web Master Forums (Home) -> Apache All times are: Pacific Time (US & Canada) (change)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]