From owner-freebsd-questions Wed Sep 8 4:14:53 1999 Delivered-To: freebsd-questions@freebsd.org Received: from mailhost.criterion.canon.co.uk (mailhost.criterion.canon.co.uk [194.223.249.254]) by hub.freebsd.org (Postfix) with ESMTP id 0E51E15A99 for ; Wed, 8 Sep 1999 04:14:42 -0700 (PDT) (envelope-from adamn@csl.com) Received: from csl.com (hermes.criterion.canon.co.uk [194.223.249.13]) by mailhost.criterion.canon.co.uk (8.8.8/8.7.3) with ESMTP id MAA29958; Wed, 8 Sep 1999 12:03:11 +0100 (BST) Message-ID: <37D644C9.BA9115E8@csl.com> Date: Wed, 08 Sep 1999 12:13:13 +0100 From: Adam Nealis Organization: Criterion Software, Ltd. X-Mailer: Mozilla 4.6 [en] (X11; I; Linux 2.0.34 i686) X-Accept-Language: en MIME-Version: 1.0 To: Shawn Ramsey Cc: questions@FreeBSD.ORG Subject: Re: mod_ssl question References: <19990907125536.B13943@cpl.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Shawn Ramsey wrote: > > I know this isn't exactly FreeBSD related.. but I couldn't find this info on > the mod_ssl web site. How should I define SSL enabled virtual hosts? This is > how I have it : > > > > ## > ## SSL Virtual Host Context > ## > > > # General setup for the virtual host > DocumentRoot /usr/local/www/data/cpl-dev > ServerName 209.150.92.97 > ServerAdmin shawn@cpl.net > #ErrorLog /usr/local/log/error_log > #TransferLog /usr/local/log/access_log > > SSLEngine on > SSLCertificateFile /usr/local/etc/apache/ssl.crt/cpl.crt > SSLCertificateKeyFile /usr/local/etc/apache/ssl.key/cpl.key > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown > CustomLog /usr/local/log/ssl_request_log \ > "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" > > > > DocumentRoot /home/tobey/public_html/lucknowenterprises.com > ServerName 209.150.92.95 > ServerAdmin shawn@cpl.net > #ErrorLog /usr/local/log/error_log > #TransferLog /usr/local/log/access_log > SSLEngine on > SSLCertificateFile /usr/local/etc/apache/ssl.crt/www.lucknowenterprises.com.crt > SSLCertificateKeyFile /usr/local/etc/apache/ssl.key/www.lucknowenterprises.com.key > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown > > > > > I get a virtual host overlap error when starting, which I assume is because > they are both default. What should I change? _default_ is a sort of placeholder. If there is a https request that doesn't match a particular virtual host, then this is the one that is supplied by the server. The one to change is the one that you don't want to be the default 8). If you want neither to nbe the default, then create a third v-host that contains nothing useful. What is missing from your set up is an IP address that apache is bound to for your host, and a server name. For example: > > DocumentRoot /home/tobey/public_html/lucknowenterprises.com > ServerName 209.150.92.95 becomes DocumentRoot /home/tobey/public_html/lucknowenterprises.com ServerName www.lucknowenterprises.com . . . This way, a request from https://www.lucknowenterprises.com/ will get the lucknowenterprises.com server. Hope this helps a little, Adam. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message