On Sun, 2007-02-25 at 15:31 +0100, Julius Thyssen wrote: > HI, > > I have a VPS listening to 2 different public IP-adresses. > For ALL http and a https virtual host requests it currently listens to only 1 > IP > > The ssl.conf therefore has > > Listen xxx.xxx.xxx.xx1:443 > Listen xxx.xxx.xxx.xx1:81 > > <VirtualHost _default_:443> > > in it. And httpd.conf therefore has > > Listen xxx.xxx.xxx.xx1:80 > > NameVirtualHost *:80 > > <VirtualHost *:80> > > I'd like to run another SSL host, on the other IP-address, mainly > because I want to use a different name and document root for it. > This host has a name not existing for the other IP-hosts, and > the new/extra host needs only SSL, and will not need a port 80 one, > although auto-rewrite to the https would be nice for it. > (I have this for the existing hosts and aliases, so I know how to do that.) > > How does one best accomplish this? >
By configuring the new IP address to the machine, adding a Listen directive for the new IP address and port (443), and adding a new virtual host for that IP address and port. A rewrite or redirect from http to https must be handled within a non-SSL virtual host so you would need to create another virtual host for the new IP address on port 80 and have the appropriate directives within that. > I've looked really hard, but could not find info on this, > my guess is not many servers *can* listen to 2 different IPs. Apache can and it is very common. > I've been considering to construct something where a different > document root would be used with a certain name request, through rewrite, > and then the other hostname would be an alias of the main ones, > but that seemed overly complex since I do have the other IP I can use. Don't really understand what you're getting at here... if you mean using name based virtual hosting with SSL, you can't do that because Apache selects the appropriate NBVH by looking at the Host header, but it can't see the Host header until it's decrypted the SSL traffic, and it can't decrypt the SSL traffic until it knows what SSL key to use, and it only knows that once it knows which virtual host to use because that's where it's configured. And it can't tell which virtual host to use until it reads the Host header. This is in the FAQ. > Thanks in advance for any advice on this. > > > Julius > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List modssl-users@modssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]