Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Dual Multiple SSL site on on Apache (1.3x) server. HOWTO Example

1 view
Skip to first unread message

uzi6...@yahoo.com

unread,
Aug 26, 2005, 2:40:45 PM8/26/05
to
Dual Multiple SSL site on on Apache (1.3x) server.

The "trick" is you need different IP Address
and you must have SSLCertificateFile defined
in the non-vhost section or Apache will not
start.

You can bind all IP address to a single NIC see man ifconfig
on your specific UNIX OS.

ServerName test1.myisp.com
ServerType standalone
ServerTokens prod
NameVirtualHost xxx.xxx.xxx.xx1:80
NameVirtualHost xxx.xxx.xxx.xx2:80
NameVirtualHost xxx.xxx.xxx.xx3:443
NameVirtualHost xxx.xxx.xxx.xx4:443
User <myuserID>
Group <mywebid>
Listen 443
Listen 80
SSLVerifyClient 0
SSLVerifyDepth 10

SSLCertificateKeyFile /usr/local/ssl/certs/mycerts/SRVkey.pem
SSLCertificateFile /usr/local/ssl/certs/mycerts/test3/SRV.pem

# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
#
<IfModule mod_mime.c>
TypesConfig /usr/local/apache/conf/mime.types
</IfModule>

# Globally turn on spell check for all Virtural hosts
CheckSpelling on

DefaultType text/plain

<IfModule mod_mime_magic.c>
MIMEMagicFile /usr/local/apache/conf/magic
</IfModule>

MaxKeepAliveRequests 10000
KeepAliveTimeout 15


KeepAlive On

MinSpareServers 30
MaxSpareServers 100

StartServers 20

MaxClients 256
MaxRequestsPerChild 10000

#define CACHE_SESSIONS FALSE
SSLCacheServerPath /usr/local/apache/bin/gcache
SSLCacheServerPort /usr/local/apache/logs/gcache_port
SSLSessionCacheTimeout 300
SSLCacheServerRunDir /tmp
# end conditional section

PidFile /usr/local/apache/logs/httpsd.pid
AccessFileName .htaccess

# and a non-SSL one...

<VirtualHost xxx.xxx.xxx.xx1:80>
ServerName test1.myisp.com
ServerAdmin ro...@mysip.com
AddHandler server-parsed shtml html htm
SSLDisable
Port 80
CustomLog "|/usr/local/apache/bin/rotatelogs
/var/log/httpd/test1/access_log 604800" combined env=!dontlog
LogLevel debug
ErrorLog /var/log/httpd/test1/error_log


DocumentRoot "</myrootdoc1>"


<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

<Directory />

AllowOverride AuthConfig FileInfo Limit

DirectoryIndex index.htm Index.htm index.html Index.html

Options +Includes -Indexes FollowSymLinks +MultiViews
</Directory>

</VirtualHost>

<VirtualHost xxx.xxx.xxx.xx2:80>
ServerName test2.myisp.com
ServerAdmin ro...@test2myisp.com
AddHandler server-parsed shtml html htm
SSLDisable
Port 80

CustomLog "|/usr/local/apache/bin/rotatelogs
/var/log/httpd/test2/access_log 604800" combined env=!dontlog
ErrorLog /var/log/httpd/test2/error_log


DocumentRoot "<myrootdoc2"


<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

ScriptAlias /int-cgi-bin/ "/usr/appl/int-cgi-bin/"


<Directory />

AllowOverride AuthConfig FileInfo Limit

Options +Includes -Indexes FollowSymLinks +MultiViews

</Directory>

<Directory "/usr/appl/int-cgi-bin">

AllowOverride None
Options None
Order allow,deny
Allow from xxx.xxx.xxx.xx2
</Directory>

</VirtualHost>


<VirtualHost xxx.xxx.xxx.xx3:443>
ServerName test3.myisp.com
ServerAdmin ro...@test3myisp.com
AddHandler server-parsed shtml html htm
SSLEnable
Port 443
SSLVerifyClient 0
SSLVerifyDepth 10
SSLCertificateKeyFile /usr/local/ssl/certs/mycerts/test3/SRVkey.pem
SSLCertificateFile /usr/local/ssl/certs/mycerts/test3/SRV.pem

CustomLog "|/usr/local/apache/bin/rotatelogs
/var/log/httpd/test3/access_log 604800" combined env=!dontlog
ErrorLog /var/log/httpd/test3/error_log

DocumentRoot "<myrootdoc3>"

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

<Directory />

AllowOverride AuthConfig FileInfo Limit

DirectoryIndex index.htm Index.htm index.html Index.html

# -Indexes disables ls -la page if index.html is missing...

Options +Includes -Indexes FollowSymLinks +MultiViews

</Directory>

</VirtualHost>

<VirtualHost xxx.xxx.xxx.xx4:443>
ServerName test4.myisp.com
ServerAdmin ro...@test4.myisp.com
AddHandler server-parsed shtml html htm
SSLEnable
Port 443
SSLVerifyClient 0
SSLVerifyDepth 10
SSLCertificateKeyFile /usr/local/ssl/certs/mycerts/test4/SRVkey.pem
SSLCertificateFile /usr/local/ssl/certs/mycerts/test4/SRV.pem


CustomLog "|/usr/local/apache/bin/rotatelogs
/var/log/httpd/test4/access_log 604800" combined env=!dontlog
ErrorLog /var/log/httpd/test4/error_log

DocumentRoot "<rootdoc4>"

<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>

<Directory />

AllowOverride AuthConfig FileInfo Limit

DirectoryIndex index.htm Index.htm index.html Index.html


Options +Includes -Indexes FollowSymLinks +MultiViews

</Directory>


</VirtualHost>

0 new messages