Igor, Thanks for your time. I'm going to try it. Yes. I'm running Apache 2 on a Linux platform. I actually have a production system that is running on Apache 1.3.x and am in the process of migration to Apache 2.
I've a question, why do I need to following? "# Note: The following must must be present to support # starting without SSL on platforms with no /dev/random equivalent # but a statically compiled-in mod_ssl. # <IfModule ssl_module> SSLRandomSeed startup builtin SSLRandomSeed connect builtin </IfModule> " I don't recall using this <IfModule> in Apache 1.3.x. Mary ________________________________ From: Igor Cicimov [mailto:icici...@gmail.com] Sent: Tuesday, May 04, 2010 7:31 PM To: users@httpd.apache.org Subject: Re: [us...@httpd] Port 80 and 443 Running Name Based Virtual Host on a Single IP Address - need an example Well you can give a go to the following configuration: Make the end of the httpd.conf look like this: ==SNIP== # Secure (SSL/TLS) connections Include conf/extra/httpd-ssl.conf # # Note: The following must must be present to support # starting without SSL on platforms with no /dev/random equivalent # but a statically compiled-in mod_ssl. # <IfModule ssl_module> SSLRandomSeed startup builtin SSLRandomSeed connect builtin </IfModule> NameVirtualHost IP_ADDRESS:80 <VirtualHost IP_ADDRESS:80> DocumentRoot "/usr/local/apache2/htdocs" ServerName example2.com<http://example2.com> ServerAlias www.example2.com<http://www.example2.com> ServerAdmin y...@example2.com<mailto:y...@example2.com> ErrorLog "|/usr/local/apache2/bin/rotatelogs /usr/local/apache2/logs/error_log.%Y-%m-%d-%H_%M_%S 86400" CustomLog "|/usr/local/apache2/bin/rotatelogs /usr/local/apache2/logs/access_log.%Y-%m-%d-%H_%M_%S 86400" common LogLevel info </VirtualHost> This should include the SSL virtual server configuration (note the "Include conf/extra/httpd-ssl.conf" line) and create virtual host on port 80. For the SSL host on port 443, make the conf/extra/httpd-ssl.conf file look like: ==SNIP== Listen 443 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl SSLSessionCache "shmcb:/usr/local/apache2/logs/ssl_scache(512000)" SSLSessionCacheTimeout 300 SSLMutex "file:/usr/local/apache2/logs/ssl_mutex" NameVirtualHost IP_ADDRESS:443 <VirtualHost IP_ADDRESS:443> DocumentRoot "/usr/local/apache2/htdocs" ServerName example1.com<http://example1.com> ServerAlias www.example1.com<http://www.example1.com> ServerAdmin y...@example1.com<mailto:y...@example1.com> ErrorLog "|/usr/local/apache2/bin/rotatelogs /usr/local/apache2/logs/error_log.%Y-%m-%d-%H_%M_%S 86400" CustomLog "|/usr/local/apache2/bin/rotatelogs /usr/local/apache2/logs/access_log.%Y-%m-%d-%H_%M_%S 86400" common LogLevel info SSLEngine on #SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL SSLProtocol -ALL +SSLv3 +TLSv1 SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM SSLCertificateFile /usr/local/apache2/conf/ssl.crt/www.example1.crt SSLCertificateKeyFile /usr/local/apache2/conf/ssl.crt/unencrypted.key SSLCACertificateFile /usr/local/apache2/conf/ssl.crt/intermediatecrt.crt #SSLVerifyClient require #SSLVerifyDepth 10 #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire <FilesMatch "\.(cgi|shtml|phtml|php)$"> SSLOptions +StdEnvVars </FilesMatch> <Directory "/usr/local/apache2/cgi-bin"> SSLOptions +StdEnvVars </Directory> BrowserMatch ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #CustomLog "/usr/local/apache2/logs/ssl_request_log" \ # "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> ==SNIP== I'm assuming you are running apache2 on Unix/Linux and it's been installed in /usr/local/apache2 directory. I also assume that you have the knowledge of creating self generated certificate and/or installing third party certificate from a legal body (like Verisign etc). Please note that you might want to change some of the config settings for the SSL or the file names of the logs or the path where the certificate is going to be installed. If any more help needed, or something not working please let me know :) Igor On Wed, May 5, 2010 at 11:11 AM, Wang, Mary Y <mary.y.w...@boeing.com<mailto:mary.y.w...@boeing.com>> wrote: Hi, How do I declare a port 80 and port 443 name-based virtual host on a single IP address? For example: I've two aliases (CNAMES) are pointing to same machine in DNS. I want www.example1.com<http://www.example1.com> to be main server configuration. www.example1.com<http://www.example1.com> -> port 443 www.example2.com<http://www.example2.com> -> port 80 and both of them are on single IP. Can someone give me example? Thanks Mary --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org<mailto:users-unsubscr...@httpd.apache.org> " from the digest: users-digest-unsubscr...@httpd.apache.org<mailto:users-digest-unsubscr...@httpd.apache.org> For additional commands, e-mail: users-h...@httpd.apache.org<mailto:users-h...@httpd.apache.org>
