Configuring name based virtual hosting

[Anindayu Pradetha]

Hi,

I need help configuring name based virtual hosting for simplesamlphp.. 

So far I have my sites-available/name.service.com.config to set up as this:

<VirtualHost *:443>

        ServerName https://name.service.com

        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/name.service.com

        ServerAlias name.service.com

       

        SSLEngine On

        SSLCertificateFile /etc/apache2/ssl/service.crt

        SSLCertificateKeyFile /etc/apache2/ssl/service.pem

        ErrorLog ${APACHE_LOG_DIR}/error.log

        CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Now, when I try to change the DocumentRoot to /var/simplesamlphp/www and open https://name.service.com in the browser it would still redirect me to the index file in /var/www/name.service.com. How do I fix this?

Thanks.

[Dave Wedwick]

The ServerName should just be  name.service.com (without the https://).  You wouldn't therefore need the ServerAlias.

Also, you need to restart Apache (or reload) to have the changes take effect.

=================
Dave Wedwick

--
You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlphp+unsubscribe@googlegroups.com.
To post to this group, send email to simple...@googlegroups.com.
Visit this group at https://groups.google.com/group/simplesamlphp.
For more options, visit https://groups.google.com/d/optout.

[Anindayu Pradetha]

Okay, so I have my /etc/apache2/sites-available/name.service.com.config to look like this:

<VirtualHost *:443>

        ServerName name.service.com

        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/name.service.com

       

        Alias /simplesaml /var/simplesamlphp/www

        <Directory /var/simplesamlphp/www>

              Require all granted

        </Directory>

        SSLEngine On

        SSLCertificateFile /etc/apache2/ssl/service.crt

        SSLCertificateKeyFile /etc/apache2/ssl/service.pem

        ErrorLog ${APACHE_LOG_DIR}/error.log

        CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

When I go to name.service.com/simplesaml it is giving me the 403 Forbidden error message which I am assuming that I can't access the /var/simplesamlphp/www files. How do I change the permission? I tried using chmod -R 644 /var/simplesamlphp/www and it is not doing anything.

Thanks.

On Sunday, January 15, 2017 at 4:26:03 AM UTC-5, Dave Wedwick wrote:

The ServerName should just be  name.service.com (without the https://).  You wouldn't therefore need the ServerAlias.

Also, you need to restart Apache (or reload) to have the changes take effect.

=================
Dave Wedwick

On Sat, Jan 14, 2017 at 4:25 PM, Anindayu Pradetha <anindayu...@gmail.com> wrote:

Hi,

I need help configuring name based virtual hosting for simplesamlphp.. 

So far I have my sites-available/name.service.com.config to set up as this:

<VirtualHost *:443>

        ServerName https://name.service.com

        ServerAdmin webmaster@localhost

        DocumentRoot /var/www/name.service.com

        ServerAlias name.service.com

       

        SSLEngine On

        SSLCertificateFile /etc/apache2/ssl/service.crt

        SSLCertificateKeyFile /etc/apache2/ssl/service.pem

        ErrorLog ${APACHE_LOG_DIR}/error.log

        CustomLog ${APACHE_LOG_DIR}/access.log combined

</VirtualHost>

Now, when I try to change the DocumentRoot to /var/simplesamlphp/www and open https://name.service.com in the browser it would still redirect me to the index file in /var/www/name.service.com. How do I fix this?

Thanks.

--
You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.

To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlph...@googlegroups.com.

[Jeffrey Krug]

If you did "chmod -R 644 /var/simplesamlphp/www" to the directory, you just broke it.  Directories need to have the executable bit set and that turned it off.  What you probably wanted to do was:

chmod -R o+rX /var/simplesamlphp/www

(capital X should fix any directories you broke earlier without making any of the files executable incorrectly)

To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlphp+unsubscribe@googlegroups.com.

[Jeffrey Krug]

Additionally you probably need to chown the directory (or at least some of the subdirs) to the user that is running your apache.

[Anindayu Pradetha]

Hi Jeffrey,

I did "chown -R root:www-data /var/simplesamlphp" and the command you suggested - it is still giving me the 403 Forbidden error. What should I do?

Thanks. 

[Dave Wedwick]

Maybe have a look at like:

https://www.cyberciti.biz/faq/apache-403-forbidden-error-and-solution/

to troubleshoot the 403 errors.  My Apache setup looks similar to yours and it works.

=================
Dave Wedwick

To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlphp+unsubscribe@googlegroups.com.

[Peter Schober]

* Dave Wedwick <da...@wedwick.com> [2017-01-15 10:26]:

> The ServerName should just be name.service.com (without the https://).

No, that's perfectly valid, cf.
http://httpd.apache.org/docs/2.4/en/mod/core.html#servername
http://httpd.apache.org/docs/2.2/en/mod/core.html#servername
-peter

[Peter Schober]

* Anindayu Pradetha <anindayu...@gmail.com> [2017-01-15 00:25]:

1. None of this has anything to do with SimpleSAMLphp, but httpd
configuration.

2. Why do you not follow the SSP documentation, which describes another
method that does not require a change to your DocumentRoot?
https://simplesamlphp.org/docs/stable/simplesamlphp-install#section_6

-peter