Maurizio Boriani wrote:
> * I've an apache web server with modssl dso correctly installed
> * I'd like use only one apache for both http and https
> * I've only to ancrypt request and data between server and client, nothing
>authentication and some othes
>
The attached httpd.conf could be used as a basis for a very simple
server with two HTTP v-hosts and one SSL v-host. Note the following
assumptions:
(1) You have installed apache in /home/apache
(2) You have a user "apache"
(3) Your SSL data is under /home/web/html/secure
(4) Your other v-hosts are /home/web/html/banana and /home/web/html/kiwi
(5) Your machine has IP address 192.168.1.1
(6) Your network is configured so that your machine has at least two
names ("banana" and "kiwi") both of which resolve to your machine's IP
address
Obviously, you should adapt the file to suit your actual set-up.
Especially for the SSL directives: Read the manual for each of these so
you understand what it does.
Best regards,
Owen Boyle.
# Simple Apache Configuration for two HTTP v-hosts and one SSL v-host.
# --------------------------------------------------------------------
# Note that you can have any number of plain HTTP virtual-hosts on any
# one IP address but you can have only ONE SSL host per IP address. To
# have more than one SSL v-host on a server, you must have more than
# one IP address or use different (non-standard) port numbers.
# --------------------------------------------------------------------
# General Items
# -------------
User apache
TransferLog logs/access_log
ErrorLog logs/error_log
# Allow Name-based virtualhosting (for HTTP hosts only)
# -----------------------------------------------------
# You have to put your real IP address here
NameVirtualHost 192.168.1.1:80
# SSL Directives
# --------------
# Make sure to read the manual for each of these directives so you
# know if it is important and what it is for.
SSLCipherSuite ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfDefine>
<IfModule mod_ssl.c>
SSLPassPhraseDialog builtin
SSLSessionCache shm:/home/apache/logs/ssl_shm_scache
SSLSessionCacheTimeout 300
SSLMutex file:/home/apache/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog /home/apached/logs/ssl_engine_log
SSLLogLevel info
</IfModule>
# ----------
# SSL server
# ----------
# You will have to make a certificate for your site. Following the
# instructions on the mod_ssl website.
Listen 443
<VirtualHost 192.168.1.1:443>
SSLEngine on
SSLCertificateFile /home/apache/conf/ssl.crt/my_site.crt
SSLCertificateKeyFile /home/apache/conf/ssl.key/my_site.key
DocumentRoot /home/web/html/secure
</VirtualHost>
# -------------------
# Normal HTTP v-hosts
# -------------------
# Your network should be setup so that the hostnames "banana" and
# "kiwi" both point to your web-server (on address 192.168.1.1)
# 1st VirtualHost
# --------------------------
Listen 80
<VirtualHost 192.168.1.1:80>
ServerName banana
DocumentRoot /home/web/html/banana
</VirtualHost>
# 2nd VirtualHost
# --------------------------
Listen 80
<VirtualHost 192.168.1.1:80>
ServerName kiwi
DocumentRoot /home/web/html/kiwi
</VirtualHost>
# --------------------------- End of file ---------------------------
