Re: just installed certificate and I'm getting the wrong site...
Sorry for bumping my own post, but I'm really in need of help here. I'm at a loss. Maybe it's because folks are on holiday given the time of year, but if anyone thinks they can help, I'd very much appreciate it. :o) Thanks, Chris On Dec 27, 2007 3:30 PM, Chris Jordan [EMAIL PROTECTED] wrote: Hi folks, I'm a complete newbie to this stuff, and I need a little more help. I'm running apache 2.2.4 on a Fadora Core 6 (2.6.20-1.292.fc6). My first problem after I installed the certificate is that we apparently had an old self-signed certificate installed. So, once I figured out that the SSL directives were in the conf.d/ssl.conf and not in conf/httpd.conf, I was able to put my certificate information in that file and now our server is using our real certificate and not the self-signed one. Our server runs multiple domains using virtual hosting, and I've read through the archives enough to find out that I can't do named virtual host with SSL. That's fine. My problem now is that when I browse to: https://mysecuredomain.com, I'm getting sent to another one of our other domains (wrongdomain.com -- for the sake of discussion) except that the URL in the address bar still says: https://mysecuredomain.com. I'm confused. I've searched through the archives, but can't seem to find out how this is happening. Here's another strange bit. We've got an old version and a newer version of wrongdomain.com and when I browse to http://wrongdomain.com I get the new version. When I browse to https://wrongdomain.com I get the *old* version of the site -- just as I do when I browse to https://mysecuredomain.com... I hope I'm explaining this well enough. I really need help on how to get things working properly. The other thing that I'm curious about is whether we'll be able to secure any of our other domains hosted from this box in the future if we need to. From the reading I've done I'm thinking that's going to be a 'No', but what if we use the same certificate for all sites? That may be a dumb question, but again, I'm a genuine newbie here. My main concern is about the first part of this post... the side question about multiple domains is less important to me, but I'd still like to know. I sure hope someone can help me. Thanks heaps, Chris -- http://cjordan.us -- http://cjordan.us
Re: just installed certificate and I'm getting the wrong site...
Hi Chris, This sounds to me like more of an apache configuration problem. Perhaps if you posted some bits of your httpd.conf someone could spot the problem. Could you clarify on the old and new versions of wrongdomain.com? Are both still present on your server with the old one residing in another directory? It sounds to me like when you come through to your server from mysecuredomain.com, via https you come through to the first virtual directory / host whioch is wrondomain.com, because they're both on the same IP. What happens if you switch the order of your virtual hosts, do you come through to a different site? I'd be switching my conf files about to experiment and see what happens in order to figure out the problem. Glyn --- Chris Jordan [EMAIL PROTECTED] wrote: Sorry for bumping my own post, but I'm really in need of help here. I'm at a loss. Maybe it's because folks are on holiday given the time of year, but if anyone thinks they can help, I'd very much appreciate it. :o) Thanks, Chris On Dec 27, 2007 3:30 PM, Chris Jordan [EMAIL PROTECTED] wrote: Hi folks, I'm a complete newbie to this stuff, and I need a little more help. I'm running apache 2.2.4 on a Fadora Core 6 (2.6.20-1.292.fc6). My first problem after I installed the certificate is that we apparently had an old self-signed certificate installed. So, once I figured out that the SSL directives were in the conf.d/ssl.conf and not in conf/httpd.conf, I was able to put my certificate information in that file and now our server is using our real certificate and not the self-signed one. Our server runs multiple domains using virtual hosting, and I've read through the archives enough to find out that I can't do named virtual host with SSL. That's fine. My problem now is that when I browse to: https://mysecuredomain.com, I'm getting sent to another one of our other domains (wrongdomain.com -- for the sake of discussion) except that the URL in the address bar still says: https://mysecuredomain.com. I'm confused. I've searched through the archives, but can't seem to find out how this is happening. Here's another strange bit. We've got an old version and a newer version of wrongdomain.com and when I browse to http://wrongdomain.com I get the new version. When I browse to https://wrongdomain.com I get the *old* version of the site -- just as I do when I browse to https://mysecuredomain.com... I hope I'm explaining this well enough. I really need help on how to get things working properly. The other thing that I'm curious about is whether we'll be able to secure any of our other domains hosted from this box in the future if we need to. From the reading I've done I'm thinking that's going to be a 'No', but what if we use the same certificate for all sites? That may be a dumb question, but again, I'm a genuine newbie here. My main concern is about the first part of this post... the side question about multiple domains is less important to me, but I'd still like to know. I sure hope someone can help me. Thanks heaps, Chris -- http://cjordan.us -- http://cjordan.us __ Sent from Yahoo! Mail - a smarter inbox http://uk.mail.yahoo.com __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]
Re: just installed certificate and I'm getting the wrong site...
From your description it sounds like you have a virtual host defining the new version of wrongdomain.com plus you have a global definition of the old version of wrongdomain.com. Then it sounds like you have not specified the data location inside the virtual host where you define mysecuredomain.com, so that you are picking up the global definition. Cure in this scenario is to override the global configuration information inside the virtual host for mysecuredomain.com (or if you do not have a virtual host for mysecuredomain.com, create one). As for the problem of https://wrongdomain.com responding, recall that there can be only one port 443 per ip address, and Apache does not look at domain names in deciding to serve https, only the ip address. Cure: I think you can use rewrite rules to direct traffic addressed to https://wrongdomain.com to a safe directory (I have not tried this). Or see below. As for serving more than one secure web site from a single computer, yes you can do this, but recall the limit of one port 443 per ip address. You can either arrange for your computer to have multiple ip addresses (add multiple NIC cards or dink around with the ifconfig or other etc files depending on your flavor of Unixoid OS), and then run multiple instances of Apache listening on different ip addresses. Be sure that your separate instances of Apache define different locations for their housekeeping files. This will also solve your https://wrongdomain.com problem. Or, you can use a port other than 443 for https with a single ip address, but this is ugly if the user has to type in the URL. Not sure if a single instance of Apache can handle two different secure ports in different virtual hosts, but you certainly can use separate instances of Apache on the same box. Regards, orville www.weyrich.com --- Chris Jordan [EMAIL PROTECTED] wrote: Hi folks, I'm a complete newbie to this stuff, and I need a little more help. I'm running apache 2.2.4 on a Fadora Core 6 (2.6.20-1.292.fc6). My first problem after I installed the certificate is that we apparently had an old self-signed certificate installed. So, once I figured out that the SSL directives were in the conf.d/ssl.conf and not in conf/httpd.conf, I was able to put my certificate information in that file and now our server is using our real certificate and not the self-signed one. Our server runs multiple domains using virtual hosting, and I've read through the archives enough to find out that I can't do named virtual host with SSL. That's fine. My problem now is that when I browse to: https://mysecuredomain.com, I'm getting sent to another one of our other domains (wrongdomain.com -- for the sake of discussion) except that the URL in the address bar still says: https://mysecuredomain.com. I'm confused. I've searched through the archives, but can't seem to find out how this is happening. Here's another strange bit. We've got an old version and a newer version of wrongdomain.com and when I browse to http://wrongdomain.com I get the new version. When I browse to https://wrongdomain.com I get the *old* version of the site -- just as I do when I browse to https://mysecuredomain.com... I hope I'm explaining this well enough. I really need help on how to get things working properly. The other thing that I'm curious about is whether we'll be able to secure any of our other domains hosted from this box in the future if we need to. From the reading I've done I'm thinking that's going to be a 'No', but what if we use the same certificate for all sites? That may be a dumb question, but again, I'm a genuine newbie here. My main concern is about the first part of this post... the side question about multiple domains is less important to me, but I'd still like to know. I sure hope someone can help me. Thanks heaps, Chris -- http://cjordan.us Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ __ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager[EMAIL PROTECTED]