Hi guys,
I am running a SuSE 6.4 box with Apache1.3.12 / OpenSSL/0.9.5...
I want to set up several virtual name based hosts, one with ssl and the
others without. I've tried several different httpd.conf setups, but
somehow
this does not want to work out. Right now my httpd.conf goes somewhat
like this:
[...]
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>
[...]
NameVirtualHost 123.456.78.9:80
NameVirtualHost 123.456.78.9:443
<VirtualHost my1st.host.org:80>
SSLDisable
ServerName my1st.host.org
ServerAdmin eric@host.org
DocumentRoot /usr/local/httpd/htdocs1
</VirtualHost>
<VirtualHost my2nd.host.org:443>
SSLEnable
ServerName my2nd.host.org
ServerAdmin eric@host.org
DocumentRoot /usr/local/httpd/htdocs2
SSLCertificateFile /etc/httpd/ssl.crt/host.org.cert
SSLCertificateKeyFile /etc/httpd/ssl.key/host.org.key
</VirtualHost>
[...more VirtualHost:80...]
and ssl_engine_log shows:
[13/Jul/2000 23:38:24 28689] [info] Init: Reinitializing OpenSSL
library
[13/Jul/2000 23:38:24 28689] [info] Init: Seeding PRNG with 136 bytes
of entropy
[13/Jul/2000 23:38:24 28689] [info] Init: Configuring temporary RSA
private keys (512/1024 bits)
[13/Jul/2000 23:38:24 28689] [info] Init: Configuring temporary DH
parameters (512/1024 bits)
[13/Jul/2000 23:38:24 28689] [info] Init: Initializing (virtual)
servers for SSL
[13/Jul/2000 23:38:24 28689] [warn] Init: (my2nd.host.org:443) You
configured HTTP(80) on the standard HTTPS(443) port!
Before the Virtualhost entries all looked like this:
Hi! Eric CHAPMAN behauptete am Thu, 13 Jul 2000 um 20:58:
[...] <IfDefine SSL> Listen 80 Listen 443 </IfDefine> [...] NameVirtualHost 123.456.78.9:80 NameVirtualHost 123.456.78.9:443
Looks good so far.
<VirtualHost my1st.host.org:80> SSLDisable
Uh? You probably wanted to use "SSLEngine off" ... [...]
</VirtualHost>
<VirtualHost my2nd.host.org:443> SSLEnable
... and "SSLEngine on". I never saw "SSLDisable" and "SSLEnable" and can't find anything about them in the docs. [...]
</VirtualHost> [...more VirtualHost:80...]
Fine. Remember, you cannot have multiple NameVirtualHosts via SSL (the server would have to know witch host you want to connect to _before_ the SSL handshake, but it gets the HTTP-"Host:"-Statement after the handshake; sad enough...).
[13/Jul/2000 23:38:24 28689] [warn] Init: (my2nd.host.org:443) You configured HTTP(80) on the standard HTTPS(443) port!
Yup, you are listening to port 443 with a non-ssl server (as SSLEnable does nothing).
then I got the 'You configured HTTP(80) on the standard HTTPS(443) port!' for every Virtualhost. The server will not load unless I comment out the 443 Host. The Apache and mod_ssl online documents have not been very conclusive so far...
They would have been if you had looked for "SSLEn/Disable"... Btw, the default SuSE httpd config is quite a fine example... Ciao, Basti -- Bastian Friedrich bastian@bastian-friedrich.de Adress & Fon available on my HP http://www.bastian-friedrich.de/ \-----------------------------------------------------------------\ \ Funny off-topic messages are always on-topic.
* Bastian Friedrich wrote on Fri, Jul 14, 2000 at 01:05 +0200:
Hi!
... and "SSLEngine on". I never saw "SSLDisable" and "SSLEnable" and can't find anything about them in the docs.
This were the names for this option somewhere before mod_ssl 2.2.0 IIRC.
They would have been if you had looked for "SSLEn/Disable"... Btw, the default SuSE httpd config is quite a fine example...
Is that default configuration working? I had to set up a test SSL server in the company some days before, and I remember that I had to change some things. There was no dummy certificate installed, but this was a 6.3 IIRC. oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.
participants (3)
-
Bastian Friedrich
-
Eric CHAPMAN
-
Steffen Dettmer