Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SSL and VirtualHosts

Status
Not open for further replies.
mufka

mufka

ISP
Dec 18, 2000
587
US
I have installed SSL on my Apache 1.3.20. I am using virtual hosts. I want to use SSL on only one of the virtual hosts. can I get it to do that? I don't want all of the other virtual hosts and the default to respond to https requests.
 
Sort by date Sort by votes
If you have SSL working globally, you can turn it off for the vhosts you don't want it for by adding the "SSLEngine off" directive in their respective containers. Otherwise you can cut and paste all the SSL stuff from the example virtual host container in httpd.conf and comment out the global definitions in "Main".
 
Upvote 0 Downvote
Hi,

Assuming its mod_ssl you are using (vs Apache-ssl) and you have that and openssl installed, then for Apache you'd need global directives in httpd.conf like :

<IfDefine HAVE_SSL>
LoadModule ssl_module         modules/libssl.so
</IfDefine>
<IfDefine HAVE_SSL>
AddModule mod_ssl.c
</IfDefine>
<IfDefine HAVE_SSL>
Listen 443
</IfDefine>

Then you need to just have :

SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key

...in your virtual host container. You have to have created the certificate files first of course.

Regards
 
Upvote 0 Downvote
I don't think its right yet. If I go to it works as planned. But if I go to the page for the secure site shows up. So it seems that if I go to https for any hostname that points to the server, I get the secure site. All of the plain http virtual hosts work ok.
 
Upvote 0 Downvote
Hi,

Actually, I just remembered that you can't use ssl with name based virtual hosts - only with IP based virtual hosts. The reason is that apache looks at the protocol (https vs http or whatever) first and acts on the https before it gets to the stage of looking at the 'http' headers on which it discriminates between virtual hosts. So, you are going to be stuck with needed separate IP addresses for any vhost that needs SSL, i.e. using IP based virtual hosts.

Regards
 
Upvote 0 Downvote
I've been following this for a few days knowing that I was going to want to do the same thing. I found a web site that explains how to set up Apache for Windows as a secure server. They begin by installing another instance of Apache or, as they refer to it, another Daemon which listens on the secure port and serves the secure pages.

Is this an alternative and/or a workable solution to this problem - that of having only one IP address and needing to secure only one or two pages??

I'm hoping to help myself get clear on some of this.

Thanks, Brian
 
Upvote 0 Downvote
On a continuing note: In the above reply/query, the web site I mentioned suggests installing a second copy of apache. When I try to do that, (with 1.3.22 that is) I get two install options: &quot;repair the existing installation&quot; and &quot;remove the existing installation.&quot; How is it possible to install two Apache &quot;daemons&quot; in this case?

Thanks, Brian
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Locked
  • Question
CentOS 7 and Putty
Replies
2
Views
245
SamBones
SamBones
KannaChan
  • Locked
  • Question
TLS1.2 and TLS1.0 proxy in same Virtualhost
Replies
1
Views
219
ChrisHirst
ChrisHirst
bhaberman
  • Locked
  • Question
SSL_ERROR_NO_CYPHER_OVERLAP
Replies
2
Views
162
ChrisHirst
ChrisHirst
sniper57
  • Locked
  • Question
Mutual SSL with AD authorization
Replies
0
Views
87
sniper57
sniper57
macrun95
  • Locked
  • Question
I had a cifs mount blow up and now
Replies
0
Views
102
macrun95
macrun95

Part and Inventory Search

Sponsor

Back
Top