This time a bamboozling Apache/vhost/https problem.

I have a working vhost configuration for several domains in apache2
(latest stable from portage - 2.0.58) and I want to support not only
http services, but, for one domain name at least, I want to support an
https service.  The working configuration for http has a
00_default_vhost.conf file:-

--
NameVirtualHost *:80

<VirtualHost *:80>
    DocumentRoot /var/www/vlan.mydomain.net
    ServerName vlan.mydomain.net
</VirtualHost>

<VirtualHost *:80>
    ServerName temporary.mydomain.net
    DocumentRoot /var/www/temporary.mydomain.net
</VirtualHost>
--


I updated this (following a how-to as closely as I could...) to this:

--
NameVirtualHost *:80
NameVirtualHost *:443

<VirtualHost *:80>
    DocumentRoot /var/www/vlan.mydomain.net
    ServerName vlan.mydomain.net
</VirtualHost>

<VirtualHost *:80>
    ServerName temporary.mydomain.net
    DocumentRoot /var/www/temporary.mydomain.net
</VirtualHost>

<VirtualHost *:443>
    DocumentRoot /var/www/ssl.mydomain.net
    ServerName ssl.mydomain.net
    SSLCipherSuite HIGH:MEDIUM
    SSLProtocol all -SSLv2
    SSLCertificateFile /etc/apache2/ssl.crt/ssl.mydomain.net.crt
    SSLCertificateKeyFile /etc/apache2/ssl.crt/ssl.mydomain.key
    SSLCertificateChainFile /etc/apache2/ssl.crt/mydomain.crt
    SSLCACertificateFile /etc/apache2/ssl.crt/mydomain.crt
</VirtualHost>
--

I believe that I've put valid crt and key files in /etc/apache2/ssl.crt/
- and I'd have expected an error message at least if this is, in fact,
the fault.

When I parse this configuration with apache2 and the flags from
/etc/conf.d/apache2 (i.e. SSL), this is how it goes:
--
# apache2 -D SSL --lint
# apache2 -D SSL -S
VirtualHost configuration:
wildcard NameVirtualHosts and _default_ servers:
*:443                  is a NameVirtualHost
         default server ssl.mydomain.net
(/etc/apache2/vhosts.d/00_default_vhost.conf:12)
         port 443 namevhost ssl.mydomain.net
(/etc/apache2/vhosts.d/00_default_vhost.conf:12)
*:80                   is a NameVirtualHost
         default server vlan.mydomain.net
(/etc/apache2/vhosts.d/00_default_vhost.conf:24)
         port 80 namevhost vlan.mydomain.net
(/etc/apache2/vhosts.d/00_default_vhost.conf:24)
         port 80 namevhost temporary.mydomain.net
(/etc/apache2/vhosts.d/00_default_vhost.conf:37)
Syntax OK
--

Unfortunately, when I attempt to connect to the SSL service on
http://ssl.mydomain.net/ using Firefox I get an immediate error:

"The connection was interrupted
The connection to ssl.shic.dynalias.net was interrupted while the page
was loading."

Links (the text browser) gives the somewhat less helpful error message:

"Error loading https://ssl.mydomain.net/: SSL error"

Nothing seems to be written to /var/log/apache2/error_log or access_log.

I've read reports that I must be explicit about which IP address I want
to vhost on - which is undesirable as I want to serve both over Ethernet
and Wireless (i.e. I have two network adaptors) - but it seems to make no
difference if I experimentally substitute my Ethernet IP address for *
in the vhost configuration.

What's wrong?

-- 
gentoo-user@gentoo.org mailing list
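
An added example, not part of the original post: mod_ssl's SSLEngine directive defaults to off, so a virtual host on port 443 that carries certificate directives but no `SSLEngine on` answers in plain HTTP and the client's TLS handshake fails. The check below flags such vhosts; the sample input is abridged from the configuration in the post, the function names are hypothetical, and it assumes SSLEngine is not enabled at server level outside the blocks.

```python
import re

# Sample input: abridged from the configuration quoted in the post.
SAMPLE_CONF = """\
NameVirtualHost *:80
NameVirtualHost *:443

<VirtualHost *:80>
    DocumentRoot /var/www/vlan.mydomain.net
    ServerName vlan.mydomain.net
</VirtualHost>

<VirtualHost *:443>
    DocumentRoot /var/www/ssl.mydomain.net
    ServerName ssl.mydomain.net
    SSLCipherSuite HIGH:MEDIUM
    SSLProtocol all -SSLv2
    SSLCertificateFile /etc/apache2/ssl.crt/ssl.mydomain.net.crt
    SSLCertificateKeyFile /etc/apache2/ssl.crt/ssl.mydomain.key
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.I | re.S)

def parse_vhosts(conf):
    """Return one (addresses, {directive: args}) pair per <VirtualHost> block."""
    vhosts = []
    for addrs, body in VHOST_RE.findall(conf):
        directives = {}
        for line in body.splitlines():
            parts = line.strip().split(None, 1)
            if parts and not parts[0].startswith("#"):
                # Directive names are case-insensitive in Apache.
                directives[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
        vhosts.append((addrs.split(), directives))
    return vhosts

def vhosts_missing_sslengine(conf):
    """ServerNames of vhosts that look like TLS vhosts but never enable mod_ssl."""
    flagged = []
    for addrs, d in parse_vhosts(conf):
        looks_tls = any(a.endswith(":443") for a in addrs) or "sslcertificatefile" in d
        # Only the block itself is inspected (assumption: no server-level SSLEngine).
        if looks_tls and d.get("sslengine", "off").lower() != "on":
            flagged.append(d.get("servername", "<unnamed>"))
    return flagged

if __name__ == "__main__":
    for name in vhosts_missing_sslengine(SAMPLE_CONF):
        print(f"{name}: TLS directives present but 'SSLEngine on' is not set")
```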
