Re: Apache: Odd Errors with HTTPS and NameVirtualHosts
Hi I was wrong i'm sorry for my mistake. I didn't veryify is it really use more than one certificate because i was shure that it must wor that's why (i didn't think that there may be function to choose some other, that is not working why it is added then?:S). I've just try how it's work it uses only 1 certificate for all SSL vhosts :/ Sorry again for misinformation about that. At 06:25 2006-05-25, you wrote: On 5/24/06, Marcin Wilk [EMAIL PROTECTED] wrote: I'm using OpenBSD 3.7 with default Apache with SSL over two VirtualHosts witht he same IP. Really. Have you actually verified that your client receives different server certificates when you connect? Or do you use the same certificate for both virtual hosts? (I don't understand why you hid the hostnames when you showed the snippet of your httpd.conf; if you had used real hostnames I wouldn't be sending this email as I would have been able to get the answers myself. It's not like your host won't have been scanned at some point by worms...) Philip Guenther
Re: Apache: Odd Errors with HTTPS and NameVirtualHosts
From: [EMAIL PROTECTED] At startup of Apache I get a warning notice of [warn] NameVirtualHost xxx.xxx.xxx.xxx:443 has no VirtualHosts. I have two virtual hosts for port 80 based on IP to ServerName. I then have one virtual host for SSL port 443. I have NameVirtualHost xxx.xxx.xxx.xxx:80 and NameVirtualHost xxx.xxx.xxx.xxx:443. Any ideas or suggestions how to resolve these problems would be much appreciated. http://httpd.apache.org/docs/1.3/vhosts/name-based.html Name-based virtual hosting cannot be used with SSL secure servers because of the nature of the SSL protocol. DS
Re: Apache: Odd Errors with HTTPS and NameVirtualHosts
Okay, but this is only part of the problem from what I understand from reading the provided link. How can I have multiple sites on the same server then if I don't use name-based virtual hosts without using multiple IP addresses? Any idea about the other issue I'm having? Best, Adam -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Spruell, Darren-Perot Sent: Wednesday, May 24, 2006 1:42 PM To: misc@openbsd.org Subject: Re: Apache: Odd Errors with HTTPS and NameVirtualHosts From: [EMAIL PROTECTED] At startup of Apache I get a warning notice of [warn] NameVirtualHost xxx.xxx.xxx.xxx:443 has no VirtualHosts. I have two virtual hosts for port 80 based on IP to ServerName. I then have one virtual host for SSL port 443. I have NameVirtualHost xxx.xxx.xxx.xxx:80 and NameVirtualHost xxx.xxx.xxx.xxx:443. Any ideas or suggestions how to resolve these problems would be much appreciated. http://httpd.apache.org/docs/1.3/vhosts/name-based.html Name-based virtual hosting cannot be used with SSL secure servers because of the nature of the SSL protocol. DS
Re: Apache: Odd Errors with HTTPS and NameVirtualHosts
Original message Date: Wed, 24 May 2006 16:51:15 -0600 From: Adam Douglas [EMAIL PROTECTED] Subject: Re: Apache: Odd Errors with HTTPS and NameVirtualHosts To: Spruell, Darren-Perot [EMAIL PROTECTED], misc@openbsd.org Okay, but this is only part of the problem from what I understand from reading the provided link. How can I have multiple sites on the same server then if I don't use name-based virtual hosts without using multiple IP addresses? i have this running with 2 static IPs binat-ed to 2 local addresses (one of them is an alias) that are on a single server. AFAIK, you cannot share a single public IP for 2 sites that require separate SSL certs. if you google, it is explained as having to do with the headers. if you only have 1 public IP, the best you can do is http://www.onlamp.com/pub/a/apache/2005/02/17/apacheckbk.html so you should get more public IPs if you want your config to work. Any idea about the other issue I'm having? ?
Re: Apache: Odd Errors with HTTPS and NameVirtualHosts
From: Adam Douglas [mailto:[EMAIL PROTECTED] Okay, but this is only part of the problem from what I understand from reading the provided link. How can I have multiple sites on the same server then if I don't use name-based virtual hosts without using multiple IP addresses? 2 non-SSL sites and 1 SSL site with virtual hosting - here's _one_ way to do it. NameVirtualHost 1.2.3.4:80 VirtualHost 1.2.3.4:80 ServerName site1.domain.tld DocumentRoot/var/www/site1.domain.tld ServerAdmin [EMAIL PROTECTED] /VirtualHost VirtualHost 1.2.3.4:80 ServerName site2.domain.tld DocumentRoot/var/www/site2.domain.tld ServerAdmin [EMAIL PROTECTED] /VirtualHost VirtualHost 1.2.3.4:443 ServerName secure.domain.tld DocumentRoot/var/www/secure.domain.tld ServerAdmin [EMAIL PROTECTED] SSLEngine on SSLCertificateFile conf/certs/admin/server.crt SSLCertificateKeyFile conf/certs/admin/server.key /VirtualHost Notice that 1.2.3.4:80 is a name-based virtual host, while 1.2.3.4:443 is not. *** If you want to do a second SSL site, you cannot reuse 1.2.3.4:443. You can do 1.2.3.5:443, and you can even do 1.2.3.4:10443. DS
Re: Apache: Odd Errors with HTTPS and NameVirtualHosts
Hi I'm using OpenBSD 3.7 with default Apache with SSL over two VirtualHosts witht he same IP. Here is how it works in there: NameVirtualHost *:80 NameVirtualHost *:443 VirtualHost * ServerName myservername.com /VirtualHost VirtualHost *:443 ServerName needssl.myservername.com DocumentRoot /var/www/htdocs/mydomainssl SSLEngine on SSLCertificateFile /etc/ssl/server-ssl2.crt SSLCertificateKeyFile /etc/ssl/private/ssl2.key /VirtualHost second ssl is just default: VirtualHost _default_:443 DocumentRoot /var/www/htdocs ServerName myservername.com ServerAdmin i'[EMAIL PROTECTED] ErrorLog logs/error_log TransferLog logs/access_log SSLEngine on SSLCertificateFile/etc/ssl/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key /VirtualHost As You can see the main difference are certificate files. At 00:51 2006-05-25, you wrote: Okay, but this is only part of the problem from what I understand from reading the provided link. How can I have multiple sites on the same server then if I don't use name-based virtual hosts without using multiple IP addresses? Any idea about the other issue I'm having? Best, Adam -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Spruell, Darren-Perot Sent: Wednesday, May 24, 2006 1:42 PM To: misc@openbsd.org Subject: Re: Apache: Odd Errors with HTTPS and NameVirtualHosts From: [EMAIL PROTECTED] At startup of Apache I get a warning notice of [warn] NameVirtualHost xxx.xxx.xxx.xxx:443 has no VirtualHosts. I have two virtual hosts for port 80 based on IP to ServerName. I then have one virtual host for SSL port 443. I have NameVirtualHost xxx.xxx.xxx.xxx:80 and NameVirtualHost xxx.xxx.xxx.xxx:443. Any ideas or suggestions how to resolve these problems would be much appreciated. http://httpd.apache.org/docs/1.3/vhosts/name-based.html Name-based virtual hosting cannot be used with SSL secure servers because of the nature of the SSL protocol. DS Marcin Nicram Wilk Homepage: http://nicram.sytes.net Maintainer of: http://ng.pl.eu.org http://mga.pl.eu.org AQQ:66491 , GG:2941385 , ICQ:126530466 YMAIM:nicr4m , Skype:nicrame Tlen:[EMAIL PROTECTED] , MSN:[EMAIL PROTECTED] Jabber:[EMAIL PROTECTED], [EMAIL PROTECTED] IRC: http://www.ii2.org/user.php?nick=nicram
Re: Apache: Odd Errors with HTTPS and NameVirtualHosts
Marcin Wilk wrote: Hi I'm using OpenBSD 3.7 with default Apache with SSL over two VirtualHosts witht he same IP. Here is how it works in there: NameVirtualHost *:80 NameVirtualHost *:443 Regardless of what you can put in any configuration, Port 80, http 1.1+ (I think) allows you to put the NAME of the host that you are addressing. This allows name-based virtual servers. On port 80. Port 443 does not allow that distinction. It just know which IP address was used. It has no idea which NAME was used to get the IP address. VirtualHost * ServerName myservername.com /VirtualHost VirtualHost *:443 ServerName needssl.myservername.com DocumentRoot /var/www/htdocs/mydomainssl SSLEngine on SSLCertificateFile /etc/ssl/server-ssl2.crt SSLCertificateKeyFile /etc/ssl/private/ssl2.key /VirtualHost second ssl is just default: VirtualHost _default_:443 DocumentRoot /var/www/htdocs ServerName myservername.com ServerAdmin i'[EMAIL PROTECTED] ErrorLog logs/error_log TransferLog logs/access_log SSLEngine on SSLCertificateFile/etc/ssl/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key /VirtualHost As You can see the main difference are certificate files. At 00:51 2006-05-25, you wrote: Okay, but this is only part of the problem from what I understand from reading the provided link. How can I have multiple sites on the same server then if I don't use name-based virtual hosts without using multiple IP addresses? Any idea about the other issue I'm having? Best, Adam -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Spruell, Darren-Perot Sent: Wednesday, May 24, 2006 1:42 PM To: misc@openbsd.org Subject: Re: Apache: Odd Errors with HTTPS and NameVirtualHosts From: [EMAIL PROTECTED] At startup of Apache I get a warning notice of [warn] NameVirtualHost xxx.xxx.xxx.xxx:443 has no VirtualHosts. I have two virtual hosts for port 80 based on IP to ServerName. I then have one virtual host for SSL port 443. I have NameVirtualHost xxx.xxx.xxx.xxx:80 and NameVirtualHost xxx.xxx.xxx.xxx:443. Any ideas or suggestions how to resolve these problems would be much appreciated. http://httpd.apache.org/docs/1.3/vhosts/name-based.html Name-based virtual hosting cannot be used with SSL secure servers because of the nature of the SSL protocol. DS Marcin Nicram Wilk Homepage: http://nicram.sytes.net Maintainer of: http://ng.pl.eu.org http://mga.pl.eu.org AQQ:66491 , GG:2941385 , ICQ:126530466 YMAIM:nicr4m , Skype:nicrame Tlen:[EMAIL PROTECTED] , MSN:[EMAIL PROTECTED] Jabber:[EMAIL PROTECTED], [EMAIL PROTECTED] IRC: http://www.ii2.org/user.php?nick=nicram
