On Tue, Nov 6, 2012 at 10:09 AM, Ben Johnson <[email protected]> wrote:
> > > On 11/5/2012 4:46 PM, Igor Cicimov wrote: > > > > On 06/11/2012 6:03 AM, "Phusion" <[email protected] > > <mailto:[email protected]>> wrote: > >> > >> I am in need of some assistance. The server is running Apache > > 2.2.15-15 on Red > >> Hat Enterprise Linux Server 6.3 x86_64. The configuration currently > > has the > >> following which works. We have a wildcard SSL certificate for > > *.domain.com <http://domain.com>. We > >> have all these on one NIC with the same IP address. I need to host a > > website > >> for another domain with that domain having another wildcard SSL > > certificate. I > >> know that I could either make a virtual IP address through aliasing or > > have > >> another NIC with another IP address. Maybe, I need to change to use a > >> combination of name-based virtual hosts and IP-based virtual hosts. > >> > >> Listen 80 > >> NameVirtualHost *:80 > >> NameVirtualHost *:443 > >> <VirtualHost *:80> > >> ServerName www.domain.com <http://www.domain.com> > >> Redirect / https://www.domain.com/ > >> </VirtualHost> > >> <VirtualHost *:443> > >> ServerName www.domain.com <http://www.domain.com> > >> DocumentRoot /data/websites/domain/www > >> </VirtualHost> > >> <VirtualHost *:80> > >> ServerName beta.domain.com <http://beta.domain.com> > >> Redirect / https://beta.domain.com/ > >> </VirtualHost> > >> <VirtualHost *:443> > >> ServerName beta.domain.com <http://beta.domain.com> > >> DocumentRoot /data/websites/domain/beta > >> </VirtualHost> > >> <VirtualHost *:80> > >> ServerName www.domain.net <http://www.domain.net> > >> Redirect / https://www.domain.com/ > >> </VirtualHost> > >> <VirtualHost *:443> > >> ServerName www.domain.net <http://www.domain.net> > >> DocumentRoot /data/websites/domain/www > >> Redirect / https://www.domain.com/ > >> </VirtualHost> > >> <VirtualHost *:80> > >> ServerName www.mydomain.com <http://www.mydomain.com> > >> Redirect / https://www.mydomain.com/ > >> </VirtualHost> > >> <VirtualHost *:443> > >> ServerName www.mydomain.com <http://www.mydomain.com> > >> DocumentRoot /data/websites/domain/www > >> Redirect / https://www.domain.com/ > >> </VirtualHost> > >> > >> The new domain could be called domain2.com <http://domain2.com>. > >> > >> <VirtualHost *:80> > >> ServerName www.domain2.com <http://www.domain2.com> > >> Redirect / https://www.domain2.com/ > >> </VirtualHost> > >> <VirtualHost *:443> > >> ServerName www.domain2.com <http://www.domain2.com> > >> DocumentRoot /data/websites/domain2/www > >> </VirtualHost> > > > > You can do ssl name virtual hosts starting with SNI support in all > > modern browsers and apache 2.2.12. All you need to do is point each > > virtual host to its wildcard domain cert. If that was the question... > > One important caveat regarding Server Name Indication (SNI): any > user-agent (browser, device, etc.) that doesn't implement SNI (IE on > Windows XP, for example) will be directed to the first virtual host that > is defined in your Apache configuration. This could have unwanted or > unintended consequences, so beware... especially if you cannot easily > re-order the entries manually. > > -Ben > Another point here: http://httpd.apache.org/docs/2.2/mod/mod_ssl.html#sslstrictsnivhostcheck > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
