ServerRoot overriding DocumentRoot?

[hcyuan]

I am trying to create a new virtual host, and everything seems to be fine, but for some reason, it's not loading my DocumentRoot. For example, my server has two IP address. ServerRoot (if there is even such a thing) points to /var/opt/blah. I create a virtual host that has a document root that points to /srv/

http://www/htdocs/ttweb.

Everytime I go to my new virtual host on the browser, it goes to /var/opt/blah. But if I go to

https://my.site.com/ttweb

then it goes to the proper site. I don't know if my configuration is wrong or if I have to go turn something off. Anyone have any ideas? Here's what my virtual host configuration look like:

<IfDefine SSL>
  <IfDefine !SSL>
    NameVirtualHost 12.29.124.46:443
  </IfDefine>
</IfDefine>

DirectoryIndex index.htm index.html login.htm

<Directory "/srv/[URL unfurl="true"]www/htdocs/ttweb">[/URL]
  SSLRequireSSL
  Options MultiViews
  AllowOverride None
  Order deny,allow
  Allow from all
</Directory>

<VirtualHost 12.29.124.46:80>
  ServerName TTPro.Valence.com
  ServerAdmin HelpDesk@Valence.com 
  DocumentRoot "/srv/[URL unfurl="true"]www/htdocs/ttweb"[/URL]
  RedirectMatch permanent (/.*) [URL unfurl="true"]https://ttpro.valence.com$1[/URL] 
</VirtualHost>

<IfDefine SSL>
  <IfDefine !SSL>

    <VirtualHost 12.29.124.46:443>
      ServerName TTPro.Valence.com
      ServerAdmin HelpDesk@Valence.com 
      DocumentRoot "/srv/[URL unfurl="true"]www/htdocs/ttweb"[/URL]
      ErrorLog /var/log/apache2/ttpro-ssl_error_log
      TransferLog /var/log/apache2/ttpro-ssl_access_log
      
      SSLEngine on
      SSLCertificateFile /etc/apache2/ssl.crt/TTPro.der
      SSLCertificateKeyFile /etc/apache2/ssl.key/ttpro.valence.com.key
      SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
    
    </VirtualHost>
  
  </IfDefine>
</IfDefine>

This file is an include file that's included into httpd.conf. Keeps it modular.

 

[sleipnir214]

This line:

NameVirtualHost 12.29.124.46:443

troubles me. Because of the fact that Apache must make a decision about which SSL crypto keys to use before enough (actually before any) HTTP headers have been sent so that Apache can know which named host it should serve, name-based hosts are not possible on SSL.


Want the best answers? Ask the best questions! TANSTAAFL!

 

[hcyuan]

I don't know how it all really works, however on another server, I've created a bunch of Named Virtual Hosts that used a single certificate without a problem.

However, my problem is not based on the certificates or SSL. I got the virtual host listening on SSL and accessible via SSL. The problem is that it's not serving up the page that I specified as Document Root. At least, I believe that is the problem. I could be wrong and maybe it is related to Apache not knowing which SSL crypto keys to use.

 

[sleipnir214]

Do you have a NameVirtualHost directive that is not applied to port 443?


Want the best answers? Ask the best questions! TANSTAAFL!

 

[RhythmAce]

The problem is with something you are not showing us. The ServerRoot is where apache has all its config files, modules and logs. Somewhere, somehow, you have a vhost defined with /var/opt/blah as the DocumentRoot. A good place to start is the first vhost defined because that is what apache will use as the default server if it can't find the requested vhost. I also noticed that you have the directory container defined outside of the vhost container. This will work but gives it global scope which means it can be accessed from anywhere.

 

[hcyuan]

sleipnir214,

There probably is a NameVirtualHost directive not applied to 443...but...hum...how do I say this.

The server is running Novell Open Enterprise Server 1.0 (which is technically SuSE Linux Enterprise Server 9.3 but configured with Novell stuff.) The server originally only had one IP address (12.29.124.9) and Novell had Apache2 configured to host their Web Management portal. So if you hit just that IP address, you get the management interface, etc.

Since I wanted to add the TTPro service to it, I gave that server a second IP address to host TTPro on. So, is there a NameVirtualHost directive not applied to 443? Yes, there is but only on the original IP address of .9 and not on .46 of which I'm writing the VirtualHost for.

Does that make sense? Hope I didn't write too much and ended up confusing you more. :/

 

[hcyuan]

RhythmAce,

Thanx for chipping in. I'm pretty sure there is a VirtualHost set up that is pointing to /var/opt/blah. The Novell stuff (like in my above post). So what you're suggesting is that probably somehow Apache2 can't find my specified VirtualHost for 12.29.124.46 and is using the VirtualHost that was specified for _default_:443 probably, correct? Hum...so technically, that would mean that if I find this VirtualHost and correct it to read the original IP address (12.29.124.9), then it should correctly display for 12.29.124.46 then?

Also, originally I had the Directory directive under the VirtualHost directive, but then I wasn't sure if that was causing the problem or not and didn't know what was the benefit of putting it inside or out, so I moved it out. I'll move it back in.

 

[hcyuan]

Ah ha! I figured out the problem! WooHoo~!

The answer was:

<IfDefine !NOSSL>

I left out the "NO" in that part. So it never ran my "NameVirtualHost" line which then would never load what I wanted it to load!!

So, in conclusion, the problem was between the keyboard and the chair. The server did everything it was told to do.

Thanx for all the help, sleipnir214 & RhythmAce.