[Sussex] Apache + SSL + virtual host

Simon Huggins huggie at earth.li
Wed May 25 09:04:57 UTC 2005


Hiya LUG,

On Wed, May 25, 2005 at 08:46:13AM +0100, Colin Tuckley wrote:
> You can't run virtual hosts and a secure server from the same instance
> of httpd.

Nah, sorry, that's wrong.

On Wed, May 25, 2005 at 09:05:26AM +0100, Ronan Chilvers wrote:
> You can, you just can't have more than one SSL site.  So
[..]
> works fine.  But you can't add another SSL site - the hostname is
> embedded in the certificate for one thing so if it differs, you'll end
> up with warnings from the browser.

That's wrong too unless you just forgot the "on the same IP".

The key thing you're both missing (or pehaps just omitting) is that you
can't have more than one SSL site on the same IP.

But that doesn't mean you can't virtual host many SSL sites from one
apache instance.

I have:

Port 80
NameVirtualHost 10.0.0.3
NameVirtualHost 10.0.0.4
NameVirtualHost 10.0.0.5
NameVirtualHost 10.0.0.6
<VirtualHost 10.0.0.3>
	ServerName wibble.blah
	DocumentRoot /var/www
	[..]
</VirtualHost>
<VirtualHost 10.0.0.3:443>
	ServerName wibble.blah
	DocumentRoot /var/wwws
	[..]
	(SSL key/cert stuff here)
</VirtualHost>

<VirtualHost 10.0.0.4:443>
	ServerName wobble.blah
	DocumentRoot /var/wobble
	[..]
	(SSL key/cert stuff here)
</VirtualHost>
<VirtualHost 10.0.0.4>
	ServerName wobble.blah
	Redirect permanent / http://wobble.blah/
</VirtualHost>

<VirtualHost 10.0.0.5:433>
	ServerName weeble.blah
	DocumentRoot /var/wobble
	[..]
	(SSL key/cert stuff here)
</VirtualHost>
<VirtualHost 10.0.0.5>
	ServerName weeble.blah
	Redirect permanent / http://wobble.blah/
</VirtualHost>

And so on in a live config (ok, customer details/IPs have been changed).

Simon.

-- 
        Black Cat Networks        -(   'Une pause s'impose' -- Gianny    )-
UK domain, email and web hosting  -(                                     )-
http://www.blackcatnetworks.co.uk -(                                     )-




More information about the Sussex mailing list