PROPER VirtualHost config? [SOLVED]

guttersnipe
n00b
n00b
User avatar
Posts: 35
Joined: Thu Jun 28, 2007 12:04 am

PROPER VirtualHost config? [SOLVED]

  • Quote

Post by guttersnipe » Mon Mar 03, 2008 8:41 am

Hello fellow Gentoo users. I come to you out of desperation. I've been using apache for years, now. It didn't take me long to develop several websites, and require virtualhosting. I've tried port-based virtual hosting and I've even tried ip-based virtual hosting. The best solution seems to be name-based virtual hosting. Over the years, I've just kind of modified various config files until I got the server to do what I wanted to do. My configurations are always confusing, and I'm sure they were terribly unorthodox. My question is: how do I set up VirtualHosting the RIGHT way?

Now, before you ask, I've read http://gentoo-wiki.com/HOWTO_Linux_Virt ... eb_Hosting . The wiki is terribly confusing. Most of the documentation is outdated, and it has little notes underneath each section basically saying "what was just explained is outdated; don't use it." I've tried following the directions, but all that did was break my apache setup. (I actually had a correct setup a few hours ago, and when I tried to go "proper," the only result was that nothing works)

Starting from the top:
/etc/conf.d/apache2
The only thing that I know of that pertains to virtual hosting in this file is the "-D DEFAULT_VHOST" option in APACHE2_OPTS. This is set in my configuration (as it is by default).

/etc/apache2/httpd.conf
I don't think I've changed anything in this file. It seems that Gentoo likes you to change things elsewhere. I know that module configurations and virtual host configurations are in the modules.d and vhosts.d directories, respectively. One thing I don't understand is the line below:

Code: Select all

Include /etc/apache2/vhosts.d/*.conf
Shouldn't this mean that it imports every file in the /etc/apache2/vhosts.d directory that ends in ".conf"?
One thing that's always been a pain is the update of apache2. When I have all my configurations in 00_default_vhost.conf, it makes it a pain to upgrade! I figured that you're SUPPOSED to put each virtual host in its own file in the vhosts.d directory (the wiki article supports this idea), but every time I do, it never works!

Currently, here's what I've got:

Code: Select all

neo www # ls -l /var/www
total 8
drwxr-xr-x 15 root   root   4096 Feb  6 12:43 ampache
drwxr-xr-x  3 apache apache 4096 Mar  3 02:48 localhost
--AND--

Code: Select all

neo vhosts.d # ls -l /etc/apache2/vhosts.d/
total 16
-rw-r--r-- 1 root root 7745 Jan 18 18:30 00_default_ssl_vhost.conf
-rw-r--r-- 1 root root 2100 Mar  3 04:00 00_default_vhost.conf
-rw-r--r-- 1 root root 2831 Mar  3 03:38 default_vhost.include
...and here's the bloody 00_default_vhost.conf file

Code: Select all

neo vhosts.d # cat 00_default_vhost.conf 
# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

<IfDefine DEFAULT_VHOST>
# see bug #178966 why this is in here

# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80

# Use name-based virtual hosting.
NameVirtualHost *:80

# When virtual hosts are enabled, the main host defined in the default
# httpd.conf configuration will go away. We redefine it here so that it is
# still available.
#
# If you disable this vhost by removing -D DEFAULT_VHOST from
# /etc/conf.d/apache2, the first defined virtual host elsewhere will be
# the default.
<VirtualHost *:80>
        ServerName localhost
        Include /etc/apache2/vhosts.d/default_vhost.include

        <IfModule mpm_peruser_module>
                ServerEnvironment apache apache
        </IfModule>
</VirtualHost>

</IfDefine>

<VirtualHost *:80>
        ServerName ampache.guttersnipe.homelinux.net
        DocumentRoot "/var/www/ampache"
        <Directory "/var/www/ampache">
                AllowOverride All
                Order allow,deny
                Allow from all
        </Directory>
</VirtualHost>

# vim: ts=4 filetype=apache
Currently, I can get to guttersnipe.homelinux.net but I CANNOT get to ampache.guttersnipe.homelinux.net. As I said, I think I've had this exact config a few hours ago, but now that I've tried to make it better (I tried putting the working config info into a file /etc/apache2/vhosts.d/01_ampache_vhost.conf), and now that I've tried to reverse it, the virtual host is completely broken. Please help me :cry: .

TIA, and sorry if the above is confusing. It's almost 4AM now and I have a headache from screwing around with this all night x_x (not to mention that I have work in the morning :( )
Last edited by guttersnipe on Wed Mar 05, 2008 5:28 am, edited 1 time in total.
Top
nessus11
n00b
n00b
Posts: 42
Joined: Mon Mar 13, 2006 9:23 pm
Location: Burbank, California

apache2.2.8

  • Quote

Post by nessus11 » Tue Mar 04, 2008 6:11 pm

I am having a similar problem. Does someone have a working configuration with this version of apache? I was trying to install the apache2.0.8 version but it is no longer available through portage.. :cry: Help please... :?
Request for assistance over!
Top
z35
n00b
n00b
User avatar
Posts: 70
Joined: Fri Jun 06, 2003 6:40 pm
Location: USA -- NY

  • Quote

Post by z35 » Tue Mar 04, 2008 10:01 pm

For my configuration, I just do

/etc/apache2/vhosts.d/10_example.com.conf

Code: Select all

<VirtualHost *:80>
    ServerName "example.com"
    DocumentRoot "/var/www/example.com/htdocs"
    <Directory "/var/www/example.com/htdocs">
        Options Indexes FollowSymLinks MultiViews Includes ExecCGI
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
</VirtualHost>
Hosts may vary of course, but you should get the general idea... And I think that is it... And modify the APACHE2_OPTS... If you have problems, you might want to look at apache's logs...
This is life?
Top
Psychoman
n00b
n00b
Posts: 23
Joined: Wed Jul 20, 2005 4:33 pm

  • Quote

Post by Psychoman » Wed Mar 05, 2008 1:11 am

By browsing the gentoo fora and experimenting I have been able to create a working apache-2.2.8 virtual host configuration with ssl.
It gives no errors when starting apache and behaves as expected.


default_vhost.include

Code: Select all

ServerAdmin root@localhost
DocumentRoot "/var/www/localhost/htdocs"

<Directory "/var/www/localhost/htdocs">
	Options Indexes FollowSymLinks
	AllowOverride All
	Allow from all
</Directory>

<IfModule alias_module>
	ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
</IfModule>

<Directory "/var/www/localhost/cgi-bin">
	AllowOverride None
	Options None
	Order allow,deny
	Allow from all
</Directory>
00_default_vhost.conf

Code: Select all

<IfDefine DEFAULT_VHOST>
Listen 80
NameVirtualHost *:80
<VirtualHost *:80>
	ServerName localhost
	Include /etc/apache2/vhosts.d/default_vhost.include

	<IfModule mpm_peruser_module>
		ServerEnvironment apache apache
	</IfModule>
</VirtualHost>
</IfDefine>
00_default_ssl_vhost.conf

Code: Select all

<IfDefine SSL>
<IfDefine SSL_DEFAULT_VHOST>
<IfModule ssl_module>
Listen 443
NameVirtualHost *:443
<VirtualHost *:443>
	ServerName localhost
	Include /etc/apache2/vhosts.d/default_vhost.include
	ErrorLog /var/log/apache2/ssl_error_log

	<IfModule log_config_module>
		TransferLog /var/log/apache2/ssl_access_log
	</IfModule>
	SSLEngine on
	SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
	SSLCertificateFile /etc/apache2/ssl/server.crt
	SSLCertificateKeyFile /etc/apache2/ssl/server.key
	<FilesMatch "\.(cgi|shtml|phtml|php)$">
		SSLOptions +StdEnvVars
	</FilesMatch>
	<Directory "/var/www/localhost/cgi-bin">
		SSLOptions +StdEnvVars
	</Directory>
	<IfModule setenvif_module>
		BrowserMatch ".*MSIE.*" \
			nokeepalive ssl-unclean-shutdown \
			downgrade-1.0 force-response-1.0
	</IfModule>
	<IfModule log_config_module>
		CustomLog /var/log/apache2/ssl_request_log \
			"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
	</IfModule>
</VirtualHost>
</IfModule>
</IfDefine>
</IfDefine>
firstvirtualhost_vhost.include

Code: Select all

ServerAdmin root@localhost
ServerName firstvirtualhost.com
DocumentRoot "/var/www/firstvirtualhost/htdocs"

<Directory "/var/www/firstvirtualhost/htdocs">
	Options Indexes FollowSymLinks
	AllowOverride All
	Order allow,deny
	Allow from all
</Directory>

<IfModule alias_module>
	ScriptAlias /cgi-bin/ "/var/www/firstvirtualhost/cgi-bin/"
</IfModule>

<Directory "/var/www/firstvirtualhost/cgi-bin">
	AllowOverride None
	Options None
	Order allow,deny
	Allow from all
</Directory>
10_firstvirtualhost_vhost.conf

Code: Select all

<VirtualHost *:80>
	Include /etc/apache2/vhosts.d/firstvirtualhost_vhost.include
	<IfModule mpm_peruser_module>
		ServerEnvironment apache apache
	</IfModule>
</VirtualHost>
10_firstvirtualhost_ssl_vhost.conf

Code: Select all

<IfDefine SSL>
<IfDefine SSL_DEFAULT_VHOST>
<IfModule ssl_module>
<VirtualHost *:443>
	Include /etc/apache2/vhosts.d/firstvirtualhost_vhost.include
	ErrorLog /var/www/firstvirtualhost/logs/ssl_error_log

	<IfModule log_config_module>
		TransferLog /var/www/firstvirtualhost/logs/ssl_access_log
	</IfModule>
	SSLEngine on
	SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
	SSLCertificateFile /etc/apache2/ssl/server.crt
	SSLCertificateKeyFile /etc/apache2/ssl/server.key
	<FilesMatch "\.(cgi|shtml|phtml|php)$">
		SSLOptions +StdEnvVars
	</FilesMatch>

	<Directory "/var/www/firstvirtualhost/cgi-bin">
		SSLOptions +StdEnvVars
	</Directory>
	<IfModule setenvif_module>
		BrowserMatch ".*MSIE.*" \
			nokeepalive ssl-unclean-shutdown \
			downgrade-1.0 force-response-1.0
	</IfModule>
	<IfModule log_config_module>
		CustomLog /var/www/firstvirtualhost/logs/ssl_request_log \
			"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
	</IfModule>
</VirtualHost>
</IfModule>
</IfDefine>
</IfDefine>
secondvirtualhost_vhost.include

Code: Select all

ServerAdmin root@localhost
ServerName secondvirtualhost.com
DocumentRoot "/var/www/secondvirtualhost/htdocs"

<Directory "/var/www/secondvirtualhost/htdocs">
	Options Indexes FollowSymLinks
	AllowOverride All
	Allow from all
</Directory>

<IfModule alias_module>
	ScriptAlias /cgi-bin/ "/var/www/secondvirtualhost/cgi-bin/"
</IfModule>

<Directory "/var/www/secondvirtualhost/cgi-bin">
	AllowOverride None
	Options None
	Order allow,deny
	Allow from all
</Directory>
20_secondvirtualhost_vhost.conf

Code: Select all

<VirtualHost *:80>
	Include /etc/apache2/vhosts.d/secondvirtualhost_vhost.include

	<IfModule mpm_peruser_module>
		ServerEnvironment apache apache
	</IfModule>
</VirtualHost>
20_secondvirtualhost_ssl_vhost.conf

Code: Select all

<IfDefine SSL>
<IfDefine SSL_DEFAULT_VHOST>
<IfModule ssl_module>
<VirtualHost *:443>
	Include /etc/apache2/vhosts.d/secondvirtualhost_vhost.include
	ErrorLog /var/www/secondvirtualhost/logs/ssl_error_log
	<IfModule log_config_module>
		TransferLog /var/www/secondvirtualhost/logs/ssl_access_log
	</IfModule>
	SSLEngine on
	SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
	SSLCertificateFile /etc/apache2/ssl/server.crt
	SSLCertificateKeyFile /etc/apache2/ssl/server.key
	<FilesMatch "\.(cgi|shtml|phtml|php)$">
		SSLOptions +StdEnvVars
	</FilesMatch>
	<Directory "/var/www/secondvirtualhost/cgi-bin">
		SSLOptions +StdEnvVars
	</Directory>
	<IfModule setenvif_module>
		BrowserMatch ".*MSIE.*" \
			nokeepalive ssl-unclean-shutdown \
			downgrade-1.0 force-response-1.0
	</IfModule>
	<IfModule log_config_module>
		CustomLog /var/www/secondvirtualhost/logs/ssl_request_log \
			"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
	</IfModule>
</VirtualHost>
</IfModule>
</IfDefine>
</IfDefine>
Top
guttersnipe
n00b
n00b
User avatar
Posts: 35
Joined: Thu Jun 28, 2007 12:04 am

  • Quote

Post by guttersnipe » Wed Mar 05, 2008 5:27 am

Thanks for your responses.

I ended up emerging the latest apache2. It came with new configuration files, so I just overwrote my old with the new ones with etc-update and -5.

I then was able to create the one file/site in the vhosts.d directory, and it works just fine. Here's what I have now (note: I'm not going to bother posting SSL config files, as I don't use it):

Code: Select all

# ls /etc/apache2/vhosts.d
00_default_ssl_vhost.conf  01_ampache_vhost.conf      default_vhost.include
00_default_vhost.conf      02_pixerch-0.8.vhost.conf
/etc/apache2/vhosts.d/00_default_vhost.conf

Code: Select all

# Virtual Hosts
#
# If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

<IfDefine DEFAULT_VHOST>
# see bug #178966 why this is in here

# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
#Listen 12.34.56.78:80
Listen 80

# Use name-based virtual hosting.
NameVirtualHost *:80

# When virtual hosts are enabled, the main host defined in the default
# httpd.conf configuration will go away. We redefine it here so that it is
# still available.
#
# If you disable this vhost by removing -D DEFAULT_VHOST from
# /etc/conf.d/apache2, the first defined virtual host elsewhere will be
# the default.
<VirtualHost *:80>
        ServerName localhost
        Include /etc/apache2/vhosts.d/default_vhost.include

        <IfModule mpm_peruser_module>
                ServerEnvironment apache apache
        </IfModule>
</VirtualHost>
</IfDefine>

# vim: ts=4 filetype=apache
/etc/apache2/vhosts.d/default_vhost.include

Code: Select all

# ServerAdmin: Your address, where problems with the server should be
# e-mailed.  This address appears on some server-generated pages, such
# as error documents.  e.g. admin@your-domain.com
ServerAdmin root@localhost

# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
# If you change this to something that isn't under /var/www then suexec
# will no longer work.
DocumentRoot "/var/www/localhost/htdocs"

# This should be changed to whatever you set DocumentRoot to.
<Directory "/var/www/localhost/htdocs">
        # Possible values for the Options directive are "None", "All",
        # or any combination of:
        #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
        #
        # Note that "MultiViews" must be named *explicitly* --- "Options All"
        # doesn't give it to you.
        #
        # The Options directive is both complicated and important.  Please see
        # http://httpd.apache.org/docs/2.2/mod/core.html#options
        # for more information.
        Options Indexes FollowSymLinks

        # AllowOverride controls what directives may be placed in .htaccess files.
        # It can be "All", "None", or any combination of the keywords:
        #   Options FileInfo AuthConfig Limit
        AllowOverride All

        # Controls who can get stuff from this server.
        Order allow,deny
        Allow from all
</Directory>

<IfModule alias_module>
        # Redirect: Allows you to tell clients about documents that used to
        # exist in your server's namespace, but do not anymore. The client
        # will make a new request for the document at its new location.
        # Example:
        #   Redirect permanent /foo http://www.example.com/bar

        # Alias: Maps web paths into filesystem paths and is used to
        # access content that does not live under the DocumentRoot.
        # Example:
        #   Alias /webpath /full/filesystem/path
        #
        # If you include a trailing / on /webpath then the server will
        # require it to be present in the URL.  You will also likely
        # need to provide a <Directory> section to allow access to
        # the filesystem path.

        # ScriptAlias: This controls which directories contain server scripts.
        # ScriptAliases are essentially the same as Aliases, except that
        # documents in the target directory are treated as applications and
        # run by the server when requested rather than as documents sent to the
        # client.  The same rules about trailing "/" apply to ScriptAlias
        # directives as to Alias.
        ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"
</IfModule>

# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "/var/www/localhost/cgi-bin">
        AllowOverride None
        Options None
        Order allow,deny
        Allow from all
</Directory>

# vim: ts=4 filetype=apache
/etc/apache2/vhosts.d/01_ampache_vhost.conf

Code: Select all

<VirtualHost *:80>
        ServerName ampache.guttersnipe.homelinux.net
        DocumentRoot "/var/www/ampache"
        <Directory "/var/www/ampache">
                AllowOverride all
                Order allow,deny
                Allow from all
        </Directory>
</VirtualHost>
/etc/apache2/vhosts.d/02_pixerch-0.8.vhost.conf

Code: Select all

<VirtualHost *:80>
        ServerName pixerch.guttersnipe.homelinux.net
        DocumentRoot "/var/www/pixerch-0.8/htdocs"
        <Directory "/var/www/pixerch-0.8/htdocs">
                AllowOverride all
                Order allow,deny
                Allow from all
        </Directory>
</VirtualHost>
Again, thanks for your support and for posting your configurations.
Top
nessus11
n00b
n00b
Posts: 42
Joined: Mon Mar 13, 2006 9:23 pm
Location: Burbank, California

Thanks Much!!!

  • Quote

Post by nessus11 » Wed Mar 05, 2008 3:20 pm

Man, you guys are great. I was getting so frustrated since I had somewhat of a time limit at work. Thanks again and good karma to you. Now, for the svn part..yikes.. :)
Request for assistance over!
Top
COiN3D
Guru
Guru
User avatar
Posts: 543
Joined: Mon Aug 02, 2004 11:20 pm
Location: Munich, Germany

  • Quote

Post by COiN3D » Thu Mar 06, 2008 7:54 am

I just wanted to paste more than one virtual host in a config file, but Apache doesn't accept my second vhost, although it has completely correct syntax (exactly the same as the virtual host that works, except for the directory and domain name). Do you have a similar problem?
e17 documentation | Be free and use Jabber as your IM! | Combine IRC and IM
Top
nessus11
n00b
n00b
Posts: 42
Joined: Mon Mar 13, 2006 9:23 pm
Location: Burbank, California

  • Quote

Post by nessus11 » Fri Mar 07, 2008 6:17 pm

COiN3D wrote:I just wanted to paste more than one virtual host in a config file, but Apache doesn't accept my second vhost, although it has completely correct syntax (exactly the same as the virtual host that works, except for the directory and domain name). Do you have a similar problem?
I tried doing the same thing by putting all my virtual host in one config file, but unfortunately, it didn't work. I created a config file for each virtual host and it did work.

01_vhost1.conf
02_vhost2.conf
03_vhost3.conf
etc....

Hope this helps...
Request for assistance over!
Top
COiN3D
Guru
Guru
User avatar
Posts: 543
Joined: Mon Aug 02, 2004 11:20 pm
Location: Munich, Germany

  • Quote

Post by COiN3D » Sat Mar 08, 2008 11:39 pm

Solved it - but for what reason, I don't know why your configurations work for you guys! In my case I had to add another line called "ServerAlias".

Example:

Code: Select all

<VirtualHost *:80>
        ServerName www.fwsearch.org
        ServerAlias fwsearch.org *.fwsearch.org
        DocumentRoot "/var/www/localhost/htdocs/fwsearch.org"
        <Directory "/var/www/localhost/htdocs/fwsearch.org">
                AllowOverride all
                Order allow,deny
                Allow from all
        </Directory>
</VirtualHost> 
e17 documentation | Be free and use Jabber as your IM! | Combine IRC and IM
Top
chidychi
Tux's lil' helper
Tux's lil' helper
User avatar
Posts: 82
Joined: Sat Dec 18, 2004 9:35 pm
Location: Canada

  • Quote

Post by chidychi » Sun Mar 16, 2008 4:38 pm

ServerAlias just lets you define different "names" or strings for the same virtual host.

www.example.org is different than www1.example.org or example.org
You don't need it if you only want traffic from specifically www.example.org going to your one virtual host.
Top
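The ServerName/ServerAlias behaviour discussed in the posts above, as an added example (not code from any poster or from Apache): a simplified Python model of how a name-based setup picks a `<VirtualHost>` block from the `Host` header. The sample files are constructed from the configurations posted in this thread; the function names are hypothetical.

```python
import fnmatch
import re

# Constructed sample of /etc/apache2/vhosts.d/ (file name -> contents),
# modelled on the files posted in this thread and listed out of order on purpose.
VHOSTS_D = {
    "10_fwsearch_vhost.conf": """
<VirtualHost *:80>
    ServerName www.fwsearch.org
    ServerAlias fwsearch.org *.fwsearch.org
    DocumentRoot "/var/www/localhost/htdocs/fwsearch.org"
</VirtualHost>
""",
    "00_default_vhost.conf": """
Listen 80
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName localhost
    DocumentRoot "/var/www/localhost/htdocs"
</VirtualHost>
""",
    "01_ampache_vhost.conf": """
<VirtualHost *:80>
    ServerName ampache.guttersnipe.homelinux.net
    DocumentRoot "/var/www/ampache"
</VirtualHost>
""",
}

BLOCK = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)


def directive(body, name):
    """Return the arguments of the first `name` directive in a block, unquoted."""
    m = re.search(rf"^\s*{name}\s+(.+?)\s*$", body, re.M | re.I)
    return [a.strip('"') for a in m.group(1).split()] if m else []


def load_vhosts(files):
    """Parse <VirtualHost> blocks in the order a wildcard Include reads them:
    file names sorted alphabetically, blocks top to bottom within a file."""
    vhosts = []
    for fname in sorted(files):
        for addr, body in BLOCK.findall(files[fname]):
            vhosts.append({
                "file": fname,
                "addr": addr.strip(),
                "names": directive(body, "ServerName") + directive(body, "ServerAlias"),
                "docroot": (directive(body, "DocumentRoot") or [None])[0],
            })
    return vhosts


def resolve(vhosts, host_header, addr="*:80"):
    """Pick the vhost for a request: the first block on `addr` whose ServerName
    or ServerAlias matches the Host header, otherwise the first block on `addr`
    (the default). Hostnames only; IPv6 literals are not handled."""
    host = host_header.split(":")[0].lower().rstrip(".")
    candidates = [v for v in vhosts if v["addr"] == addr]
    for v in candidates:
        # ServerAlias may use * and ? wildcards; a literal ServerName
        # simply matches itself under the same comparison.
        if any(fnmatch.fnmatchcase(host, n.lower()) for n in v["names"]):
            return v
    return candidates[0] if candidates else None


if __name__ == "__main__":
    vhosts = load_vhosts(VHOSTS_D)
    for h in ("www.fwsearch.org", "fwsearch.org", "mail.fwsearch.org",
              "ampache.guttersnipe.homelinux.net", "guttersnipe.homelinux.net"):
        v = resolve(vhosts, h)
        print(f"{h:40} -> {v['file']} ({v['docroot']})")
```

A name that matches no block is served by whichever file sorts first, which is why an unlisted hostname quietly lands on the default site instead of producing an error.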
chidychi
Tux's lil' helper
Tux's lil' helper
User avatar
Posts: 82
Joined: Sat Dec 18, 2004 9:35 pm
Location: Canada

  • Quote

Post by chidychi » Sun Mar 16, 2008 9:53 pm

Psychoman wrote:By browsing the gentoo fora and experimenting I have been able to create a working apache-2.2.8 virtual host configuration with ssl.
It gives no errors when starting apache and behaves as expected.


default_vhost.include


00_default_vhost.conf


00_default_ssl_vhost.conf


firstvirtualhost_vhost.include


10_firstvirtualhost_vhost.conf


10_firstvirtualhost_ssl_vhost.conf


secondvirtualhost_vhost.include


20_secondvirtualhost_vhost.conf


20_secondvirtualhost_ssl_vhost.conf
Hey, are you saying that your virtual hosts can be handled through ssl this way?
I am trying to do that but it errors out saying

Code: Select all

 [warn] _default_ VirtualHost overlap on port 443, the first has precedence
when I try to access a virtual host securely it defaults back to my document root.

cheers
chi
Top
nessus11
n00b
n00b
Posts: 42
Joined: Mon Mar 13, 2006 9:23 pm
Location: Burbank, California

Force site to use https.

  • Quote

Post by nessus11 » Mon Mar 17, 2008 7:38 pm

Here is my "howto" to force my site to use https.

So when I type in www.mydomain.com, it automatically goes to https://www.mydomain.com. Accept the certificate first of course or click to continue to website if you are using IE7. There's usually a message before accepting a digital certificate I think...


"Howto Virtual Hosting with SSL on Gentoo "



Note: You will need a working Gentoo box. To setup Gentoo, go here.

http://www.gentoo.org/doc/en/index.xml? ... #doc_chap2


# emerge -av apache



The ebuild for apache I emerged:



www-servers/apache-2.2.8



Once installed, you will need to configure the following files:



/etc/conf.d/apache2



Files will be configured or added in this directory depending on how many vhosts:

/etc/apache2/vhosts.d/

Now for the fun part.

# cd /etc/apache2/vhosts.d/



These are my configuration files I came up with by looking at the examples from gentoo.org forums.



I will force apache to point to https when my site is being requested so it will be using a secured line by way of ssl.



(However for now, it will be using a certificate created from localhost with a 256bit encryption. A certificate can be purchased from a Certificate Authority like Verisign, Go-Daddy, etc. Verisign is one that holds 57% of the market regarding digital security certificates.)

http://en.wikipedia.org/wiki/Certificate_authority

First edit /etc/apache2/vhosts.d/00_default_ssl_vhost.conf



# vi 00_default_ssl_vhost.conf



Listen 443
NameVirtualHost *:443
<VirtualHost _default_:443>
ServerName localhost
Include /etc/apache2/vhosts.d/default_vhost.include
ErrorLog /var/log/apache2/ssl_error_log

<IfModule log_config_module>
TransferLog /var/log/apache2/ssl_access_log
</IfModule>



The line in bold letters is what was added.



Now let us create our virtual hosts.



# vi mydomain_vhost.include



ServerAdmin root@localhost
ServerName www.mydomain.com
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
# If you change this to something that isn't under /var/www then suexec
# will no longer work.
DocumentRoot "/var/www/mydomain"

# This should be changed to whatever you set DocumentRoot to.
<Directory "/var/www/mydomain">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.2/mod/core.html#options
# for more information.
Options Indexes FollowSymLinks

# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
AllowOverride All
# Controls who can get stuff from this server.
Order allow,deny
Allow from all
</Directory>



Now edit next config file which is 01_mydomain_ssl_vhost.conf.



# vi 01_mydomain_ssl_vhost.conf



<VirtualHost *:443>
ServerName localhost
Include /etc/apache2/vhosts.d/mydomain_vhost.include
ErrorLog /var/log/apache2/ssl_error_log

<IfModule log_config_module>
TransferLog /var/log/apache2/ssl_access_log
</IfModule>

## SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on

## SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

## Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate. If the certificate
# is encrypted, then you will be prompted for a pass phrase. Note that a
# kill -HUP will prompt again. Keep in mind that if you have both an RSA
# and a DSA certificate you can configure both in parallel (to also allow
# the use of DSA ciphers, etc.)
SSLCertificateFile /etc/apache2/ssl/server.crt



Last file to configure which is 01_mydomain_vhost.conf.



# vi 01_mydomain_vhost.conf




<VirtualHost *:80>

Include /etc/apache2/vhosts.d/mydomain_vhost.include

<IfModule mpm_peruser_module>
ServerEnvironment apache apache
</IfModule>

# Send every plain-HTTP request to the HTTPS site
<Location />
RedirectMatch 301 (.*)$ https://www.mydomain.com$1
</Location>

</VirtualHost>

# vim: ts=4 filetype=apache



You can repeat the same steps with your next virtual host. Just don't forget to number them differently and point apache to the correct file for each virtual host.



02_mydomain2_vhost.d.conf

02_mydomain2_ssl_vhost.d.conf

mydomain2_vhost.d.include

Hope this helps.
Request for assistance over!
Top
Psychoman
n00b
n00b
Posts: 23
Joined: Wed Jul 20, 2005 4:33 pm

  • Quote

Post by Psychoman » Tue Apr 01, 2008 8:11 pm

chidychi wrote:Hey , Are you saying that your virtual hosts can be handled through ssl this way?
That's what it does yes.
Note that the protocol can't handle name based virtual hosts over ssl,
so the same certificate is used for all virtual hosts.
Not extremely secure but better than nothing ...

Note that, although it is working, I get some warnings:

Code: Select all

[warn] Init: SSL server IP/port conflict: virtual_host1:443 (/etc/apache2/vhosts.d/10_virtual_host1_ssl_vhost.conf:12) vs. virtual_host2:443 (/etc/apache2/vhosts.d/20_virtual_host2_ssl_vhost.conf:11)

[warn] Init: SSL server IP/port conflict: localhost:443 (/etc/apache2/vhosts.d/00_default_ssl_vhost.conf:11) vs. virtual_host2:443 (/etc//apache2/vhosts.d/20_virtual_host2_ssl_vhost.conf:11

[warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
Top
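An added example (not code from any poster) that audits the `*:443` blocks posted in this thread for the two points raised above: which vhost's certificate clients are shown when no SNI is in use, and which weak cipher classes the `SSLCipherSuite` string requests. The sample is constructed from the posted configuration, the function names are hypothetical, and the cipher check is a heuristic over OpenSSL cipher-string syntax.

```python
import re

# Constructed sample: the three *:443 blocks from the configuration posted in
# this thread, trimmed to the directives that matter here, in load order.
_BLOCK = """<VirtualHost *:443>
    ServerName {name}
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /etc/apache2/ssl/server.crt
</VirtualHost>
"""
SSL_CONF = "".join(_BLOCK.format(name=n) for n in
                   ("localhost", "firstvirtualhost.com", "secondvirtualhost.com"))

WEAK = ("SSLv2", "EXP", "LOW", "RC4", "eNULL")
ALIASES = {"EXPORT": "EXP", "NULL": "eNULL"}


def first_arg(body, name):
    """First argument of directive `name` inside a block, or None."""
    m = re.search(rf"^\s*{name}\s+(\S+)", body, re.M)
    return m.group(1) if m else None


def ssl_vhosts(conf):
    """Return the SSL-enabled <VirtualHost> blocks in the order they appear."""
    out = []
    for addr, body in re.findall(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", conf, re.S):
        if (first_arg(body, "SSLEngine") or "").lower() == "on":
            out.append({"addr": addr.strip(),
                        "name": first_arg(body, "ServerName"),
                        "cert": first_arg(body, "SSLCertificateFile"),
                        "ciphers": first_arg(body, "SSLCipherSuite") or ""})
    return out


def presented_without_sni(vhosts):
    """Map each ServerName to the vhost whose certificate the client sees when
    the handshake carries no server name: the first SSL vhost on that
    address:port, because the Host header is only readable after the handshake."""
    first, shown = {}, {}
    for v in vhosts:
        first.setdefault(v["addr"], v)
        shown[v["name"]] = first[v["addr"]]["name"]
    return shown


def requested_weak_classes(suite):
    """Weak cipher classes a cipher string asks for. Bare tokens add ciphers,
    '!' bans them for good, '-' removes them, '+' only reorders ciphers already
    selected. ALL covers everything except eNULL. Whether a requested class
    actually exists depends on the OpenSSL build the server is linked against."""
    enabled, banned = set(), set()
    for tok in re.split(r"[:, ]+", suite.strip()):
        if not tok:
            continue
        op = tok[0] if tok[0] in "!-+" else ""
        name = ALIASES.get(tok[len(op):], tok[len(op):])
        if op == "!":
            banned.add(name)
        elif op == "-":
            enabled.discard(name)
        elif op == "+":
            continue                      # reorder only, adds nothing
        elif name == "ALL":
            enabled.update(c for c in WEAK if c != "eNULL")
        else:                             # e.g. RC4+RSA selects RC4 suites
            enabled.update(p for p in name.split("+") if p in WEAK)
    return sorted(enabled - banned)


if __name__ == "__main__":
    vhosts = ssl_vhosts(SSL_CONF)
    for name, shown in presented_without_sni(vhosts).items():
        print(f"{name:25} certificate comes from vhost: {shown}")
    print("weak classes requested:", requested_weak_classes(vhosts[0]["ciphers"]))
```

Note that `+eNULL` in the posted string does not enable null encryption, since `+` only reorders; the export, low-strength, RC4 and SSLv2 suites come in through `ALL` and stay in until they are removed with `!`.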