Yes, and that config is a good compendium of bad advice and deprecated directives.
El mié, 6 jul 2022 14:28, Frank Gingras <thu...@apache.org> escribió: > Paul, > > Not sure how your example helps with the OP issue at all. > > On Wed, 6 Jul 2022 at 06:40, Paul Kudla (SCOM.CA Internet Services Inc.) < > p...@scom.ca> wrote: > >> >> this is how my ssl, vhosts, redirects are setup maybe this will help >> >> note any ssl website name MUST equal a valid certificate or you will get >> a cert mismatch error !! >> >> granted there are several cert authorities (free ssl etc) i have found >> its just easier to get a resale account (lots of providers opensrs, >> certigo, thwarte etc etc) and pay the 10.00 per cert. >> >> cert would be ok for www.xxx.com xnd xxx.com (aka you typically only >> need one certificate per site.) >> >> not pushing any provider, just saying letsencrypt etc does not always >> work reliabily or speed issues.... >> >> >> >> <VirtualHost *:80> >> ServerName bedrockconstruction.ca >> ServerAlias bedrockconstruction.ca >> ServerAlias www.bedrockconstruction.ca >> Redirect permanent / https://bedrockconstruction.ca/ >> </VirtualHost> >> >> <VirtualHost *:443> >> ServerName bedrockconstruction.ca >> ServerAlias bedrockconstruction.ca >> ServerAlias www.bedrockconstruction.ca >> DocumentRoot /www/bedrockconstruction.ca >> >> SSLEngine on >> SSLProtocol all >> SSLCertificateFile >> /www/bedrockconstruction.ca/ssl/bedrockconstruction.ca.crt >> SSLCertificateKeyFile >> /www/bedrockconstruction.ca/ssl/bedrockconstruction.ca.key >> SSLCertificateChainFile >> /www/bedrockconstruction.ca/ssl/bedrockconstruction.ca.chain >> >> >> SuexecUserGroup www www >> >> <Directory "/www/bedrockconstruction.ca/wp-content/uploads/"> >> <Files "*.php"> >> Order Deny,Allow >> Deny from All >> </Files> >> </Directory> >> >> <Directory /www/bedrockconstruction.ca> >> php_admin_value open_basedir /www/bedrockconstruction.ca:/var/log/ >> </Directory> >> >> <Directory /www/bedrockconstruction.ca> >> php_admin_value sys_temp_dir /www/bedrockconstruction.ca/tmp/ >> </Directory> >> >> <Directory /www/bedrockconstruction.ca> >> php_admin_value session.save_path /www/bedrockconstruction.ca/tmp/ >> </Directory> >> >> <Directory /www/bedrockconstruction.ca> >> php_admin_value soap.wsdl_cache_dir /www/bedrockconstruction.ca/tmp/ >> </Directory> >> >> <Directory /www/bedrockconstruction.ca> >> php_admin_value upload_tmp_dir /www/bedrockconstruction.ca/tmp >> </Directory> >> >> <Directory "/www/bedrockconstruction.ca"> >> AllowOverride All >> php_value session.save_path "/www/bedrockconstruction.ca/" >> </Directory> >> >> </VirtualHost> >> >> >> >> Happy Wednesday !!! >> Thanks - paul >> >> Paul Kudla >> >> >> Scom.ca Internet Services <http://www.scom.ca> >> 004-1009 Byron Street South >> Whitby, Ontario - Canada >> L1N 4S3 >> >> Toronto 416.642.7266 >> Main 1.866.411.7266 >> Fax 1.888.892.7266 >> Email p...@scom.ca >> >> On 7/5/2022 5:38 PM, scom...@httpd.apache.org wrote: >> > I've tried several variations but basically the error message is that >> > the certificate and the key for example2.com >> > <http://example2.com/> don't match. I thought I had set up the >> > certificate with the proper keys so something must be screwed up with >> > the certificate. I'm working on that. >> > >> > Jack >> > >> >> On 2 Jul 2022, at 1:21, Frank Gingras <thu...@apache.org >> >> <mailto:thu...@apache.org>> wrote: >> >> >> >> What does the error log say, exactly? Note that TLS failures can be >> >> almost silent in the logs, so if a single vhost causes the startup >> >> error, then check the certificate. >> >> >> >> On Fri, 1 Jul 2022 at 17:24, jnil...@jala.com >> >> <mailto:jnil...@jala.com> <jnil...@jala.com <mailto:jnil...@jala.com>> >> >> >> wrote: >> >> >> >> Here's an example version of my vhosts.conf file: >> >> >> >> # http redirect >> >> <VirtualHost *:80> >> >> ServerName central.com <http://central.com/> >> >> ServerAlias www.example1.com <http://www.example1.com/> >> >> *.example1.com <http://example1.com/> >> >> Redirect / https://www.example1.com/ <https://www.example1.com/> >> >> ErrorLog /var/log/apache2/example1.com >> >> <http://example1.com/>-error80_log >> >> CustomLog /var/log/apache2/example1.com >> >> <http://example1.com/>-access80_log combined >> >> </VirtualHost> >> >> >> >> <Virtualhost *:80> >> >> ServerName example2.com <http://example2.com/> >> >> ServerAlias www.example2.com <http://www.example2.com/> >> >> *.example2.com <http://example2.com/> >> >> Redirect / https://www.example2.com/ <https://www.example2.com/> >> >> ErrorLog /var/log/apache2/example2.com >> >> <http://example2.com/>-error80_log >> >> CustomLog /var/log/apache2/example2.com >> >> <http://example2.com/>-access80_log combined >> >> </VirtualHost> >> >> >> >> # https version >> >> <VirtualHost *:443> >> >> ServerAdmin webmas...@central.com <mailto:webmas...@central.com> >> >> ServerName example1.com <http://example1.com/> >> >> ServerAlias www.example1.com <http://www.example1.com/> >> >> *.example1.com <http://example1.com/> >> >> DocumentRoot "/home/data/hqwww/htdocs" >> >> SSLEngine on >> >> SSLProtocol all -SSLv2 >> >> SSLCertificateFile /etc/apache2/ssl.crt/example.crt >> >> SSLCertificateKeyFile /etc/apache2/ssl.key/www.example1.com.key >> >> <http://www.example1.com.key/> >> >> SSLCertificateChainFile /etc/apache2/ssl.crt/example1.ca >> >> <http://example1.ca/>-bundle >> >> RewriteEngine On >> >> RewriteOptions Inherit >> >> >> >> >> >> <Directory "/home/data/example1/htdocs"> >> >> AllowOverride None >> >> Options FollowSymlinks >> >> Require all granted >> >> </Directory> >> >> >> >> >> >> AccessFileName .htaccess >> >> >> >> ErrorLog /var/log/apache2/example1.com >> >> <http://example1.com/>-error_log >> >> CustomLog /var/log/apache2/example1.com >> >> <http://example1.com/>-access_log combined >> >> >> >> >> >> Include /etc/apache2/conf.d/*.conf >> >> </VirtualHost> >> >> >> >> >> >> <VirtualHost *:443> >> >> ServerAdmin webmas...@central.com <mailto:webmas...@central.com> >> >> ServerName example2.com <http://example2.com/> >> >> ServerAlias www.example2.com <http://www.example2.com/> >> >> *.example2.com <http://example2.com/> >> >> DocumentRoot "/home/data/jmnwww/htdocs" >> >> SSLEngine on >> >> SSLProtocol all -SSLv2 >> >> SSLCertificateFile /etc/apache2/ssl.crt/example2.crt >> >> SSLCertificateKeyFile /etc/apache2/ssl.key/www.example2.com.key >> >> <http://www.example2.com.key/> >> >> SSLCertificateChainFile /etc/apache2/ssl.crt/example2.ca >> >> <http://example2.ca/>-bundle >> >> RewriteEngine On >> >> RewriteOptions Inherit >> >> >> >> <Directory "/home/data/example2/htdocs"> >> >> ## To make the site work with pretty permalinks use the next 2 >> >> uncommented lines. >> >> ## Otherwise use 'Options None' and 'AllowOverride None' >> >> AllowOverride all >> >> Options FollowSymlinks >> >> Require all granted >> >> </Directory> >> >> >> >> AccessFileName .htaccess >> >> >> >> ErrorLog /var/log/apache2/example2.com >> >> <http://example2.com/>-error_log >> >> CustomLog /var/log/apache2/example2.com >> >> <http://example2.com/>-access_log combined >> >> >> >> Include /etc/apache2/conf.d/*.conf >> >> </VirtualHost> >> >> >> >> If I drop the second host (example2), leaving just example1 it >> >> works; with both hosts apache crashes on restart. Here is the >> >> failure message output for that case. >> >> >> >> systemctl status apache2.service >> >> *●*apache2.service - The Apache Webserver >> >> Loaded: loaded (/usr/lib/systemd/system/apache2.service; >> >> enabled; vendor preset: disabled) >> >> Active: *failed*(Result: exit-code) since Fri 2022-07-01 >> >> 14:12:39 PDT; 6min ago >> >> Process: 29193 ExecStart=/usr/sbin/start_apache2 -DSYSTEMD >> >> -DFOREGROUND -k start *(code=exited, status=1/*> >> >> Main PID: 29193 (code=exited, status=1/FAILURE) >> >> Status: "Reading configuration..." >> >> >> >> Jul 01 14:12:39 donner systemd[1]: Starting The Apache Webserver... >> >> Jul 01 14:12:39 donner start_apache2[29193]: AH00548: >> >> NameVirtualHost has no effect and will be removed in t> >> >> Jul 01 14:12:39 donner systemd[1]: *apache2.service: Main process >> >> exited, code=exited, status=1/FAILURE* >> >> Jul 01 14:12:39 donner systemd[1]: *apache2.service: Failed with >> >> result 'exit-code'.* >> >> Jul 01 14:12:39 donner systemd[1]: *Failed to start The Apache >> >> Webserver.* >> >> >> >> >> >>> On 30 Jun 2022, at 16:24, Frank Gingras <thu...@apache.org >> >>> <mailto:thu...@apache.org>> wrote: >> >>> >> >>> That is one assumption, sure. Best to have the user run apachectl >> >>> -S to confirm. For all we know, they could have defined invalid >> >>> vhosts. >> >>> >> >>> On Thu, 30 Jun 2022 at 16:54, <free...@videotron.eu >> >>> <mailto:free...@videotron.eu>> wrote: >> >>> >> >>> You are missing something called virtual hosts. You are >> >>> allowed one host but you can have many virtual hosts. >> >>> Secondly, you should be using Leap 15.4, it sounds like you >> >>> are out of date, sorry to say.____ >> >>> >> >>> __ __ >> >>> >> >>> If you go to your httpd.conf file then you will notice that >> >>> there is a enable virtual hosts #include virtual hosts.conf >> >>> httpd-vhosts.conf so uncomment it remove the #____ >> >>> >> >>> __ __ >> >>> >> >>> *De :* jnil...@jala.com <mailto:jnil...@jala.com> >> >>> <jnil...@jala.com <mailto:jnil...@jala.com>> >> >>> *Envoyé :* jeudi 30 juin 2022 16:28 >> >>> *À :* users@httpd.apache.org <mailto:users@httpd.apache.org> >> >>> *Objet :* [users@httpd] NameVirtualHost fails____ >> >>> >> >>> __ __ >> >>> >> >>> I'm using SUSE Leap 15.3 and apache2. I'm trying to get SSL >> >>> to work on two hosts with the same IP address. My >> >>> vhosts.config is set for the two hosts but only one actually >> >>> runs. When I run systemctl status apache2.service I get a >> >>> message that NameVirtualHost has no effect and will be >> >>> removed. So the configuration only works if I have just one >> >>> host.____ >> >>> >> >>> __ __ >> >>> >> >>> What key detail am I missing in the network configuration?____ >> >>> >> >>> __ __ >> >>> >> >>> Thanks,____ >> >>> >> >>> __ __ >> >>> >> >>> Jack Nilles____ >> >>> >> >>> __ __ >> >>> >> >> >> > >> > >> > -- >> > This message has been scanned for viruses and >> > dangerous content by *MailScanner* <http://www.mailscanner.info/>, and >> is >> > believed to be clean. >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >> For additional commands, e-mail: users-h...@httpd.apache.org >> >>
