[x]
Posted via EE Mobile

Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again.
08/24/2006 at 09:03AM PDT, ID: 21966233
[x]
Attachment Details
[x]
The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

  • The Grade of the Solution
  • The Zone Rank of the Expert Providing the Solution
  • The Number of Author and Expert Comments
  • The Number of Experts Contributing
  • The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!
7.6

SSL with two virtual host, one domain is pickup up other SSL cert

Asked by paulpp in Apache Web Server, Server Side Includes (SSI)

Tags: apache

I installed an SSL for domain_1  and it works just great. But then I noticed something. On my other domain domain_2 if I do an https, it picks up the  domain_1 cert. Domain_2 has no SSL cert.

    Please advise with sample. I'm not an expert in SSL configurations.


--Paul

**************  httpd.conf *******************

#### Default httpd.conf for Mac OS X Server
####
#### This httpd.conf differs from the httpd.conf distributed
#### with Apache and the httpd.conf present on Mac OS X.
#### Feel free to edit this; the Server Admin app also edits this file but will
#### respect your changes unless noted below. See also ReadMe.txt.

##
## ServerType is either inetd, or standalone.  Inetd mode is only supported on
## Unix platforms.
##
ServerType standalone
ServerName ns1.macserver.com
##
## ServerRoot: The top of the directory tree under which the server's
## configuration, error, and log files are kept.
##
## NOTE!  If you intend to place this on an NFS (or otherwise network)
## mounted filesystem then please read the LockFile documentation
## (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
## you will save yourself a lot of trouble.
##
## Do NOT add a slash at the end of the directory path.
##
##
ServerRoot "/usr"
##
## PidFile: The file in which the server should record its process
## identification number when it starts.
##
PidFile /var/run/httpd.pid
##
## ScoreBoardFile: File used to store internal server process information.
## Not all architectures require this.  But if yours does (you'll know because
## this file will be  created when you run Apache) then you *must* ensure that
## no two invocations of Apache share the same scoreboard file.
##
ScoreBoardFile "/var/run/apache_runtime_status"
##
## Server-pool size regulation.  Rather than making you guess how many
## server processes you need, Apache dynamically adapts to the load it
## sees --- that is, it tries to maintain enough server processes to
## handle the current load, plus a few spare servers to handle transient
## load spikes (e.g., multiple simultaneous requests from a single
## Netscape browser).
##
## It does this by periodically checking how many servers are waiting
## for a request.  If there are fewer than MinSpareServers, it creates
## a new spare.  If there are more than MaxSpareServers, some of the
## spares die off.  The default values are probably OK for most sites.
##
MinSpareServers 1
MaxSpareServers 5
##
## Number of servers to start initially --- should be a reasonable ballpark
## figure.
##
StartServers 1
##
## MaxRequestsPerChild: the number of requests each child process is
## allowed to process before the child dies.  The child will exit so
## as to avoid problems after prolonged use when Apache (and maybe the
## libraries it uses) leak memory or other resources.  On most systems, this
## isn't really needed, but a few (such as Solaris) do have notable leaks
## in the libraries. For these platforms, set to something like 10000
## or so; a setting of 0 means unlimited.
##
## NOTE: This value does not include keepalive requests after the initial
##       request per connection. For example, if a child process handles
##       an initial request and 10 subsequent "keptalive" requests, it
##       would only count as 1 request towards this limit.
##
MaxRequestsPerChild 100000
##
## Dynamic Shared Object (DSO) Support
##
## To be able to use the functionality of a module which was built as a DSO you
## have to place corresponding `LoadModule' lines at this location so the
## directives contained in it are actually available _before_ they are used.
## Please read the file http://httpd.apache.org/docs/dso.html for more
## details about the DSO mechanism and run `httpd -l' for the list of already
## built-in (statically linked and thus always available) modules in your httpd
## binary.
##
## Note: The order in which modules are loaded is important.  Don't change
## the order below without expert advice.
##
## Example:
## LoadModule foo_module libexec/mod_foo.so
##
#### For Mac OS X Server: Note that the Server Admin application
#### and the apxs utility enable and disable modules
#### by removing and adding a comment character.
##
#LoadModule vhost_alias_module    libexec/httpd/mod_vhost_alias.so
#LoadModule env_module            libexec/httpd/mod_env.so
LoadModule config_log_module      libexec/httpd/mod_log_config.so
#LoadModule mime_magic_module     libexec/httpd/mod_mime_magic.so
LoadModule mime_module            libexec/httpd/mod_mime.so
LoadModule negotiation_module     libexec/httpd/mod_negotiation.so
LoadModule status_module          libexec/httpd/mod_status.so
LoadModule info_module            libexec/httpd/mod_info.so
LoadModule includes_module        libexec/httpd/mod_include.so
LoadModule autoindex_module       libexec/httpd/mod_autoindex.so
LoadModule dir_module             libexec/httpd/mod_dir.so
LoadModule cgi_module             libexec/httpd/mod_cgi.so
LoadModule asis_module            libexec/httpd/mod_asis.so
LoadModule imap_module            libexec/httpd/mod_imap.so
LoadModule action_module          libexec/httpd/mod_actions.so
#LoadModule speling_module        libexec/httpd/mod_speling.so
LoadModule userdir_module         libexec/httpd/mod_userdir.so
LoadModule alias_module           libexec/httpd/mod_alias.so
LoadModule rewrite_module         libexec/httpd/mod_rewrite.so
LoadModule access_module          libexec/httpd/mod_access.so
LoadModule apple_auth_module      libexec/httpd/mod_auth_apple.so
#LoadModule anon_auth_module      libexec/httpd/mod_auth_anon.so
#LoadModule dbm_auth_module       libexec/httpd/mod_auth_dbm.so
#LoadModule digest_module         libexec/httpd/mod_digest.so
LoadModule proxy_module           libexec/httpd/libproxy.so
#LoadModule cern_meta_module      libexec/httpd/mod_cern_meta.so
LoadModule expires_module         libexec/httpd/mod_expires.so
#LoadModule headers_module        libexec/httpd/mod_headers.so
#LoadModule usertrack_module      libexec/httpd/mod_usertrack.so
#LoadModule unique_id_module      libexec/httpd/mod_unique_id.so
LoadModule setenvif_module        libexec/httpd/mod_setenvif.so
LoadModule apple_macbinary_module libexec/httpd/mod_macbinary_apple.so
#LoadModule apple_spotlight_module  libexec/httpd/mod_spotlight_apple.so
#LoadModule perl_module           libexec/httpd/libperl.so
LoadModule php4_module           libexec/httpd/libphp4.so
LoadModule hfs_apple_module       libexec/httpd/mod_hfs_apple.so
LoadModule apple_digest_module    libexec/httpd/mod_digest_apple.so
#LoadModule bonjour_module libexec/httpd/mod_bonjour.so
LoadModule ssl_module libexec/httpd/libssl.so
LoadModule dav_module libexec/httpd/libdav_encoding.so
LoadModule jk_module libexec/httpd/mod_jk.so
LoadModule spnego_auth_module libexec/httpd/mod_spnego_apple.so
#LoadModule encoding_module libexec/httpd/mod_encoding.so
## Reconstruction of the complete module list from all available modules
## (static and shared ones) to achieve correct module execution order.
## [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
ClearModuleList
#AddModule mod_vhost_alias.c
#AddModule mod_env.c
AddModule mod_log_config.c
#AddModule mod_mime_magic.c
AddModule mod_mime.c
AddModule mod_negotiation.c
AddModule mod_status.c
AddModule mod_info.c
AddModule mod_include.c
AddModule mod_autoindex.c
AddModule mod_dir.c
AddModule mod_cgi.c
AddModule mod_asis.c
AddModule mod_imap.c
AddModule mod_actions.c
#AddModule mod_speling.c
AddModule mod_userdir.c
AddModule mod_alias.c
AddModule mod_rewrite.c
AddModule mod_access.c
AddModule mod_auth_apple.c
#AddModule mod_auth_anon.c
#AddModule mod_auth_dbm.c
#AddModule mod_digest.c
AddModule mod_proxy.c
#AddModule mod_cern_meta.c
AddModule mod_expires.c
#AddModule mod_headers.c
#AddModule mod_usertrack.c
#AddModule mod_unique_id.c
AddModule mod_so.c
AddModule mod_setenvif.c
AddModule mod_macbinary_apple.c
#AddModule mod_spotlight_apple.c
#AddModule mod_perl.c
AddModule mod_php4.c
AddModule mod_hfs_apple.c
AddModule mod_digest_apple.c
#AddModule mod_bonjour.c
AddModule mod_ssl.c
AddModule mod_dav.c
AddModule mod_jk.c
AddModule mod_spnego_apple.c
#AddModule mod_encoding.c
##
## If you wish httpd to run as a different user or group, you must run
## httpd as root initially and it will switch.  
##
## User/Group: The name (or #number) of the user/group to run httpd as.
##  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
##  . On HPUX you may not be able to use shared memory as nobody, and the
##    suggested workaround is to create a user www and use that user.
##  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
##  when the value of (unsigned)Group is above 60000;
##  don't use Group "#-1" on these systems!
##
User www
Group www
##
## Each directory to which Apache has access, can be configured with respect
## to which services and features are allowed and/or disabled in that
## directory (and its subdirectories).
##
## First, we configure the "default" to be a very restrictive set of
## permissions.  
##
<Directory "/">
      Options FollowSymLinks
      AllowOverride None
</Directory>
##
## UserDir: The name of the directory which is appended onto a user's home
## directory if a ~user request is received.
##
#### For Mac OS X Server: Note that
#### personal websharing is not supported on Mac OS X Server.
##
<IfModule mod_userdir.c>
      UserDir Sites
</IfModule>
##
## AccessFileName: The name of the file to look for in each directory
## for access control information.
##
AccessFileName .htaccess
##
## The following lines prevent .htaccess files from being viewed by
## Web clients.  Since .htaccess files often contain authorization
## information, access is disallowed for security reasons.  Comment
## these lines out if you want Web visitors to see the contents of
## .htaccess files.  If you change the AccessFileName directive above,
## be sure to make the corresponding changes here.
##
## Also, folks tend to use names such as .htpasswd for password
## files, so this will protect those as well.
##
#### For Mac OS X Server: Note the case-insensitive pattern, which protects
#### .htaccess fils on HFS volumes.
##
#### (Note: Denying .DS_S* may interfere with Finder WebDAV operation)
##
<Files ~ "^\.([Hh][Tt]|[Dd][Ss]_[Ss])">
      Order allow,deny
      Deny from all
      Satisfy All
</Files>
#### Block attempts to circumvent access controls by requesting forks.
<Files "rsrc">
      Order allow,deny
      Deny from all
      Satisfy All
</Files>
<DirectoryMatch ".*\.\.namedfork">
      Order allow,deny
      Deny from all
      Satisfy All
</DirectoryMatch>
##
## CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
## document that was negotiated on the basis of content. This asks proxy
## servers not to cache the document. Uncommenting the following line disables
## this behavior, and proxies will be allowed to cache the documents.
##
#CacheNegotiatedDocs
#
#### For Mac OS X Server: mime.types is ignored; Server Admin maintains mime types
#### in httpd.conf.
TypesConfig /dev/null
##
## Document types.
##
<IfModule mod_mime.c>
##
## AddEncoding allows you to have certain browsers (Mosaic/X 2.1+) uncompress
## information on the fly. Note: Not all browsers support this.
## Despite the name similarity, the following Add* directives have nothing
## to do with the FancyIndexing customization directives above.
##
      AddEncoding x-compress Z
      AddEncoding x-gzip gz tgz
##
## AddLanguage allows you to specify the language of a document. You can
## then use content negotiation to give a browser a file in a language
## it can understand.  
##
## Note 1: The suffix does not have to be the same as the language
## keyword --- those with documents in Polish (whose net-standard
## language code is pl) may wish to use "AddLanguage pl .po" to
## avoid the ambiguity with the common suffix for perl scripts.
##
## Note 2: The example entries below illustrate that in quite
## some cases the two character 'Language' abbreviation is not
## identical to the two character 'Country' code for its country,
## E.g. 'Danmark/dk' versus 'Danish/da'.
##
## Note 3: In the case of 'ltz' we violate the RFC by using a three char
## specifier. But there is 'work in progress' to fix this and get
## the reference data for rfc1766 cleaned up.
##
## Danish (da) - Dutch (nl) - English (en) - Estonian (ee)
## French (fr) - German (de) - Greek-Modern (el)
## Italian (it) - Korean (kr) - Norwegian (no) - Norwegian Nynorsk (nn)
## Portugese (pt) - Luxembourgeois* (ltz)
## Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cz)
## Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)
## Russian (ru)
##
      AddLanguage da .dk
      AddLanguage nl .nl
      AddLanguage en .en
      AddLanguage et .ee
      AddLanguage fr .fr
      AddLanguage de .de
      AddLanguage el .el
      AddLanguage he .he
      AddCharset ISO-8859-8 .iso8859-8
      AddLanguage it .it
      AddLanguage ja .ja
      AddCharset ISO-2022-JP .jis
      AddLanguage kr .kr
      AddCharset ISO-2022-KR .iso-kr
      AddLanguage nn .nn
      AddLanguage no .no
      AddLanguage pl .po
      AddCharset ISO-8859-2 .iso-pl
      AddLanguage pt .pt
      AddLanguage pt-br .pt-br
      AddLanguage ltz .lu
      AddLanguage ca .ca
      AddLanguage es .es
      AddLanguage sv .sv
      AddLanguage cz .cz
      AddLanguage ru .ru
      AddLanguage zh-tw .tw
      AddLanguage tw .tw
      AddCharset Big5         .Big5    .big5
      AddCharset WINDOWS-1251 .cp-1251
      AddCharset CP866        .cp866
      AddCharset ISO-8859-5   .iso-ru
      AddCharset KOI8-R       .koi8-r
      AddCharset UCS-2        .ucs2
      AddCharset UCS-4        .ucs4
      AddCharset UTF-8        .utf8
## LanguagePriority allows you to give precedence to some languages
## in case of a tie during content negotiation.
##
## Just list the languages in decreasing order of preference. We have
## more or less alphabetized them here. You probably want to change this.
##
      <IfModule mod_negotiation.c>
            LanguagePriority en fr de ja da nl et el it kr no pl pt pt-br ru ltz ca es sv tw
      </IfModule>
## Although mod_mime may support several extensions following a single
## mime type (ex: "AddType video/quicktime qt mov"), the parser used
## by the Server Admin application expects only one extension per line.
##
      AddHandler send-as-is asis
      AddHandler imap-file map
      AddHandler server-parsed shtml
      AddHandler type-map var
      AddHandler mac-binary bin
      AddHandler spotlight-search spotlight
      AddType application/andrew-inset ez
      AddType application/mac-binhex40 hqx
      AddType application/mac-compactpro cpt
      AddType application/msword doc
      AddType application/octet-stream bin
      AddType application/octet-stream dms
      AddType application/octet-stream lha
      AddType application/octet-stream lzh
      AddType application/octet-stream exe
      AddType application/octet-stream class
      AddType application/octet-stream so
      AddType application/octet-stream dll
      AddType application/octet-stream dmg
      AddType application/oda oda
      AddType application/pdf pdf
      AddType application/postscript ai
      AddType application/postscript eps
      AddType application/postscript ps
      AddType application/rtf rtf
      AddType application/smil smi
      AddType application/smil smil
      AddType application/vnd.mif mif
      AddType application/vnd.ms-excel xls
      AddType application/vnd.ms-powerpoint ppt
      AddType application/vnd.wap.wbxml wbxml
      AddType application/vnd.wap.wmlc wmlc
      AddType application/vnd.wap.wmlscriptc wmlsc
      AddType application/x-bcpio bcpio
      AddType application/x-cdlink vcd
      AddType application/x-chess-pgn pgn
      AddType application/x-cpio cpio
      AddType application/x-csh csh
      AddType application/x-director dcr
      AddType application/x-director dir
      AddType application/x-director dxr
      AddType application/x-dvi dvi
      AddType application/x-futuresplash spl
      AddType application/x-gtar gtar
      AddType application/x-hdf hdf
      AddType application/x-javascript js
      AddType application/x-java-jnlp-file jnlp
      AddType application/x-koan skp
      AddType application/x-koan skd
      AddType application/x-koan skt
      AddType application/x-koan skm
      AddType application/x-latex latex
      AddType application/x-netcdf nc
      AddType application/x-netcdf cdf
      AddType application/x-sh sh
      AddType application/x-shar shar
      AddType application/x-shockwave-flash swf
      AddType application/x-stuffit sit
      AddType application/x-sv4cpio sv4cpio
      AddType application/x-sv4crc sv4crc
      AddType application/x-tar tar
      AddType application/x-tcl tcl
      AddType application/x-tex tex
      AddType application/x-texinfo texinfo
      AddType application/x-texinfo texi
      AddType application/x-troff t
      AddType application/x-troff tr
      AddType application/x-troff roff
      AddType application/x-troff-man man
      AddType application/x-troff-me me
      AddType application/x-troff-ms ms
      AddType application/x-ustar ustar
      AddType application/x-wais-source src
      AddType application/xhtml+xml xhtm
      AddType application/xhtml+xml xht
      AddType application/zip zip
      AddType audio/basic au
      AddType audio/basic snd
      AddType audio/midi mid
      AddType audio/midi midi
      AddType audio/midi kar
      AddType audio/mpeg mpga
      AddType audio/mpeg mp2
      AddType audio/mpeg mp3
      AddType audio/x-m4a m4a
      AddType audio/x-aiff aif
      AddType audio/x-aiff aiff
      AddType audio/x-aiff aifc
      AddType audio/x-mpegurl m3u
      AddType audio/x-pn-realaudio ram
      AddType audio/x-pn-realaudio rm
      AddType audio/x-pn-realaudio-plugin rpm
      AddType audio/x-realaudio ra
      AddType audio/x-scpls pls
      AddType audio/x-wav wav
      AddType audio/3gpp 3gp
      AddType audio/3gpp 3gpp
      AddType audio/3gp2 3g2
      AddType audio/3gp2 3gp2
      AddType chemical/x-pdb pdb
      AddType chemical/x-pdb xyz
      AddType image/bmp bmp
      AddType image/gif gif
      AddType image/ief ief
      AddType image/jpeg jpeg
      AddType image/jpeg jpg
      AddType image/jpeg jpe
      AddType image/jp2 jp2
      AddType image/pict pict
      AddType image/pict pic
      AddType image/pict pct
      AddType image/png png
      AddType image/tiff tiff
      AddType image/tiff tif
      AddType image/vnd.djvu djvu
      AddType image/vnd.djvu djv
      AddType image/vnd.wap.wbmp wbmp
      AddType image/x-cmu-raster ras
      AddType image/x-macpaint pntg
      AddType image/x-macpaint pnt
      AddType image/x-macpaint mac
      AddType image/x-portable-anymap pnm
      AddType image/x-portable-bitmap pbm
      AddType image/x-portable-graymap pgm
      AddType image/x-portable-pixmap ppm
      AddType image/x-quicktime qti
      AddType image/x-quicktime qtif
      AddType image/x-rgb rgb
      AddType image/x-xbitmap xbm
      AddType image/x-xpixmap xpm
      AddType image/x-xwindowdump xwd
      AddType model/iges igs
      AddType model/iges iges
      AddType model/mesh msh
      AddType model/mesh mesh
      AddType model/mesh silo
      AddType model/vrml wrl
      AddType model/vrml vrml
      AddType text/css css
      AddType text/html html
      AddType text/html htm
      AddType text/plain asc
      AddType text/plain txt
      AddType text/richtext rtx
      AddType text/rtf rtf
      AddType text/sgml sgml
      AddType text/sgml sgm
      AddType text/tab-separated-values tsv
      AddType text/vnd.wap.wml wml
      AddType text/vnd.wap.wmlscript wmls
      AddType text/x-setext etx
      AddType text/xml xml
      AddType text/xml xsl
      AddType video/mpeg mpeg
      AddType video/mpeg mpg
      AddType video/mpeg mpe
      AddType video/mp4 mp4
      AddType video/quicktime qt
      AddType video/quicktime mov
      AddType video/vnd.mpegurl mxu
      AddType video/x-dv dv
      AddType video/x-dv dif
      AddType video/x-msvideo avi
      AddType video/x-sgi-movie movie
      AddType video/3gpp 3gp
      AddType video/3gpp 3gpp
      AddType video/3gp2 3g2
      AddType video/3gp2 3gp2
      AddType x-conference/x-cooltalk ice
      AddType text/html shtml
      AddType application/x-tar tgz
      AddType application/x-httpd-php3 php3
      AddType application/x-httpd-php3-source phps
      AddType application/x-httpd-php php
      AddType application/x-httpd-php-source phps
      AddType application/x-quicktimeplayer qtl
</IfModule>
##
## DefaultType is the default MIME type the server will use for a document
## if it cannot otherwise determine one, such as from filename extensions.
## If your server contains mostly text or HTML documents, "text/plain" is
## a good value.  If most of your content is binary, such as applications
## or images, you may want to use "application/octet-stream" instead to
## keep browsers from trying to display binary files as though they are
## text.
##
##
DefaultType text/plain
##
## The mod_mime_magic module allows the server to use various hints from the
## contents of the file itself to determine its type.  The MIMEMagicFile
## directive tells the module where the hint definitions are located.
## mod_mime_magic is not part of the default server (you have to add
## it yourself with a LoadModule [see the DSO paragraph in the 'Global
## Environment' section], or recompile the server and include mod_mime_magic
## as part of the configuration), so it's enclosed in an <IfModule> container.
## This means that the MIMEMagicFile directive will only be processed if the
## module is part of the server.
##
##
<IfModule mod_mime_magic.c>
      MIMEMagicFile /etc/httpd/magic
</IfModule>
##
## HostnameLookups: Log the names of clients or just their IP addresses
## e.g., www.apache.org (on) or 204.62.129.132 (off).
## The default is off because it'd be overall better for the net if people
## had to knowingly turn this feature on, since enabling it means that
## each client request will result in AT LEAST one lookup request to the
## nameserver.
##
##
HostnameLookups Off
##
## LogLevel: Control the number of messages logged to the error_log.
## Possible values include: debug, info, notice, warn, error, crit,
## alert, emerg.
##
##
LogLevel warn
##
## The following directives define some format nicknames for use with
## a CustomLog directive (see below).
##

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
##
#
## Optionally add a line containing the server version and virtual host
## name to server-generated pages (error documents, FTP directory listings,
## mod_status and mod_info output etc., but not CGI generated documents).
## Set to "EMail" to also include a mailto: link to the ServerAdmin.
## Set to one of:  On | Off | EMail
##
##
ServerSignature On
UseCanonicalName Off
##
## Aliases: Add here as many aliases as you need (with no limit). The format is
## Alias fakename realname
##
<IfModule mod_alias.c>
##
## Note that if you include a trailing / on fakename then the server will
## require it to be present in the URL.  So "/icons" isn't aliased in this
## example, only "/icons/".  If the fakename is slash-terminated, then the
## realname must also be slash terminated, and if the fakename omits the
## trailing slash, the realname must also omit it.
##
      Alias /icons/ "/usr/share/httpd/icons/"
      <Directory "/usr/share/httpd/icons">
            Options Indexes MultiViews
            AllowOverride None
            Order allow,deny
            Allow from all
      </Directory>
##
## ScriptAlias: This controls which directories contain server scripts.
## ScriptAliases are essentially the same as Aliases, except that
## documents in the realname directory are treated as applications and
## run by the server when requested rather than as documents sent to the client.
## The same rules about trailing "/" apply to ScriptAlias directives as to
## Alias.
##
      ScriptAlias /cgi-bin/ "/Library/WebServer/CGI-Executables/"
##
## This should be changed to whatever your ScriptAliased
## CGI directory exists, if you have that configured.
##
      <Directory "/Library/WebServer/CGI-Executables">
            AllowOverride None
            Options None
            Order allow,deny
            Allow from all
      </Directory>
#### For Mac OS X Server: Uncomment this line to enable web-based
#### configuration of mailman:
##
#      Include /etc/httpd/httpd_mailman.conf
</IfModule>
##
## Redirect allows you to tell clients about documents which used to exist in
## your server's namespace, but do not anymore. This allows you to tell the
## clients where to look for the relocated document.
## Format: Redirect old-URI new-URL
##
#Redirect www.oldserver.com www.newserver.com

##
## Directives controlling the display of server-generated directory listings.
##
#### For Mac OS X Server: Note that indexing is further controlled
#### by the Server Admin application, which adds "Options +/-Indexes
#### in the virtual host scope.
##
<IfModule mod_autoindex.c>
##
## FancyIndexing is whether you want fancy directory indexing or standard
##
##
      IndexOptions FancyIndexing
##
## AddIcon* directives tell the server which icon to show for different
## files or filename extensions.  These are only displayed for
## FancyIndexed directories.
##
      AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
      AddIconByType (TXT,/icons/text.gif) text/*
      AddIconByType (IMG,/icons/image2.gif) image/*
      AddIconByType (SND,/icons/sound2.gif) audio/*
      AddIconByType (VID,/icons/movie.gif) video/*
      AddIcon /icons/binary.gif .bin .exe
      AddIcon /icons/binhex.gif .hqx
      AddIcon /icons/tar.gif .tar
      AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
      AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
      AddIcon /icons/a.gif .ps .ai .eps
      AddIcon /icons/layout.gif .html .shtml .htm .pdf
      AddIcon /icons/text.gif .txt
      AddIcon /icons/c.gif .c
      AddIcon /icons/p.gif .pl .py
      AddIcon /icons/f.gif .for
      AddIcon /icons/dvi.gif .dvi
      AddIcon /icons/uuencoded.gif .uu
      AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
      AddIcon /icons/tex.gif .tex
      AddIcon /icons/bomb.gif core
      AddIcon /icons/back.gif ..
      AddIcon /icons/hand.right.gif README
      AddIcon /icons/folder.gif ^^DIRECTORY^^
      AddIcon /icons/blank.gif ^^BLANKICON^^
##
## DefaultIcon is which icon to show for files which do not have an icon
## explicitly set.
##
      DefaultIcon /icons/unknown.gif
##
## AddDescription allows you to place a short description after a file in
## server-generated indexes.  These are only displayed for FancyIndexed
## directories.
## Format: AddDescription "description" filename
##
#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz
#AddDescription "Mac OS Disk Image file" .dmg

##
## ReadmeName is the name of the README file the server will look for by
## default, and append to directory listings.
##
## HeaderName is the name of a file which should be prepended to
## directory indexes.
##
## If MultiViews are amongst the Options in effect, the server will
## first look for name.html and include it if found.  If name.html
## doesn't exist, the server will then look for name.txt and include
## it as plaintext if found.
##
      ReadmeName README
      HeaderName HEADER
##
## IndexIgnore is a set of filenames which directory indexing should ignore
## and not include in the listing.  Shell-style wildcarding is permitted.
##
      IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
</IfModule>
##
## MetaDir: specifies the name of the directory in which Apache can find
## meta information files. These files contain additional HTTP headers
## to include when sending the document
##
#MetaDir .web

##
## MetaSuffix: specifies the file name suffix for the file containing the
## meta information.
##
#MetaSuffix .meta

##
## Customizable error response (Apache style)
##  these come in three flavors
##
##    1) plain text
##ErrorDocument 500 "The server made a boo boo.
##  n.b.  the single leading (") marks it as text, it does not get output
##
##    2) local redirects
##ErrorDocument 404 /missing.html
##  to redirect to local URL /missing.html
##ErrorDocument 404 /cgi-bin/missing_handler.pl
##  N.B.: You can redirect to a script or a document using server-side-includes.
##
##    3) external redirects
##ErrorDocument 402 http://some.other-server.com/subscription_info.html
##  N.B.: Many of the environment variables associated with the original
##  request will *not* be available to such a script.

##
## Customize behaviour based on the browser
##
<IfModule mod_setenvif.c>
##
## The following directives modify normal HTTP response behavior.
## The first directive disables keepalive for Netscape 2.x and browsers that
## spoof it. There are known problems with these browser implementations.
## The second directive is for Microsoft Internet Explorer 4.0b2
## which has a broken HTTP/1.1 implementation and does not properly
## support keepalive when it is used on 301 or 302 (redirect) responses.
##
      BrowserMatch "Mozilla/2" nokeepalive
      BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
##
## The following directive disables HTTP/1.1 responses to browsers which
## are in violation of the HTTP/1.0 spec by not being able to grok a
## basic 1.1 response.
##
      BrowserMatch "RealPlayer 4\.0" force-response-1.0
      BrowserMatch "Java/1\.0" force-response-1.0
      BrowserMatch "JDK/1\.0" force-response-1.0
</IfModule>
#
## Allow remote server configuration reports, with the URL of
## http://servername/server-info (requires that mod_info.c be loaded).
## Change the ".your-domain.com" to match your domain to enable.
##
#<Location /server-info>
#    SetHandler server-info
#    Order deny,allow
#    Deny from all
#    Allow from .your-domain.com
#</Location>

#
## Proxy Server directives. Uncomment the following lines to
## enable the proxy server:
#
<IfModule mod_proxy.c>
      ProxyRequests Off
      CacheRoot "/var/run/proxy"
      CacheSize 1024
      CacheGcInterval 24
#CacheMaxExpire 24
#CacheLastModifiedFactor 0.1
#CacheDefaultExpire 1
#NoCache a_domain.com another_domain.edu joes.garage_sale.com
      <Directory "disabled_proxy">
            Allow from example.com
            Deny from all
            Order Deny,Allow
      </Directory>
</IfModule>
##
#### mod_expires is configured so that all static files but images
#### expire after 60 seconds. Any response that has a life span of more
#### than 5 seconds (see webperfcache.conf) will be cached by webperfcache.
#### Make sure your CGIs return a "Cache-Control: no-cache" header if you
#### elect to make your dynamically generated HTML pages not cache-able.
#### If all your HTML pages are static you may also increase ExpiresDefault.

<IfModule mod_expires.c>
      ExpiresActive On
      ExpiresDefault A60
      ExpiresByType image/bmp A3600
      ExpiresByType image/gif A3600
      ExpiresByType image/ief A3600
      ExpiresByType image/jpeg A3600
      ExpiresByType image/png A3600
      ExpiresByType image/tiff A3600
      ExpiresByType image/x-cmu-raster A3600
      ExpiresByType image/x-portable-anymap A3600
      ExpiresByType image/x-portable-bitmap A3600
      ExpiresByType image/x-portable-graymap A3600
      ExpiresByType image/x-portable-pixmap A3600
      ExpiresByType image/x-rgb  A3600
      ExpiresByType image/x-xbitmap A3600
      ExpiresByType image/x-xpixmap A3600
      ExpiresByType image/x-xwindowdump A3600
      ExpiresByType audio/basic A3600
      ExpiresByType audio/midi A3600
      ExpiresByType audio/mpeg A3600
      ExpiresByType audio/x-aiff A3600
      ExpiresByType audio/x-pn-realaudio A3600
      ExpiresByType audio/x-pn-realaudio-plugin A3600
      ExpiresByType audio/x-realaudio A3600
      ExpiresByType audio/x-wav A3600
      ExpiresByType video/mpeg A3600
      ExpiresByType video/quicktime A3600
      ExpiresByType video/x-msvideo A3600
      ExpiresByType video/x-sgi-movie A3600
</IfModule>
##

#### The mod_macbinary_apple module allows a browser to download any
#### file as a MacBinary-encoded file by appending .bin to the URL.
#### For security reasons, administrators may want to prevent this
#### for files with certain suffixes. The MacBinaryBlock directive
#### prevents the MacBinary download of files with the specified
#### suffixes.
#
<IfModule mod_macbinary_apple.c>
      MacBinary On
      MacBinaryBlock html shtml perl pl cgi jsp php phps asp scpt
      MacBinaryBlock htaccess
</IfModule>
## SSL stuff

<IfModule mod_ssl.c>
      SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
      SSLPassPhraseDialog exec:/etc/httpd/getsslpassphrase
      SSLSessionCache dbm:/var/log/httpd/ssl_scache
      SSLSessionCacheTimeout 300
      SSLMutex file:/var/log/httpd/ssl_mutex
      SSLRandomSeed startup builtin
      SSLRandomSeed connect builtin
      SSLLogLevel info
      AddType application/x-x509-ca-cert crt
      AddType application/x-pkcs7-crl crl
</IfModule>
<IfModule mod_jk.c>
      JKWorkersFile /etc/httpd/workers.properties
      JKLogFile /var/log/httpd/mod_jk.log
      JKLogLevel error
      JKMount /*.jsp JBoss1
      JKMount /servlet/* JBoss1
      JKMount /examples/* JBoss1
      JKMount /weblog/* blojsomworker
      JKMount /blojsom_resources/* blojsomworker
</IfModule>
##
##
## The default server is used for status on a special port
##
#ServerName www.example.com
Port 9010
Listen 9010
DocumentRoot "/tmp"
ErrorLog "/var/log/httpd/error_log"
<Directory "/tmp">
      Order Deny,Allow
      Deny from All
      Allow from 127.0.0.1
</Directory>
<Location /server-status>
      SetHandler server-status
      Order deny,allow
      Deny from all
      Allow from 127.0.0.1
</Location>
##
<IfModule mod_spotlight_apple.c>
      Spotlight On
</IfModule>
<IfModule mod_rewrite.c>
      RewriteEngine On
      RewriteCond %{REQUEST_METHOD} ^TRACE
      RewriteRule .* - [F]
</IfModule>
<IfModule mod_headers.c>
      Header add MS-Author-Via "DAV"
</IfModule>
<IfModule mod_encoding.c>
      EncodingEngine on
      NormalizeUsername on
      DefaultClientEncoding UTF-8
# Windows XP?
      AddClientEncoding "Microsoft-WebDAV-MiniRedir/" MSUTF-8
# Windows 2K SP2 with .NET
      AddClientEncoding "(Microsoft .* DAV\$)" MSUTF-8
# Windows 2K SP2/Windows XP
      AddClientEncoding "(Microsoft .* DAV 1.1)" CP932
# Windows XP?
      AddClientEncoding "Microsoft-WebDAV*" CP932
# RealPlayer
      AddClientEncoding "RMA/*" CP932
# MacOS X webdavfs
      AddClientEncoding "WebDAVFS" UTF-8
# cadaver
      AddClientEncoding "cadaver/" EUC-JP
</IfModule>
RLimitNPROC max max
ExtendedStatus On
Timeout 300
KeepAlive Off
MaxKeepAliveRequests 500
KeepAliveTimeout 15
MaxClients 500
# Including WebObjects Configs
Include /System/Library/WebObjects/Adaptors/Apache/apache.conf
####
#### The following Include directive is essential for the virtual hosts to be usable.
####
Include "/etc/httpd/sites/*.conf"

**************** End httpd.conf *****************************



##################  domain_1.com.conf ####################

## Default Virtual Host Configuration

<VirtualHost 192.168.1.130:80>
      ServerName domain_1.com
      ServerAdmin postmaster@domain_1.com
      DocumentRoot "/Home/paul/Sites"
      DirectoryIndex "index.html" "index.php"
      CustomLog "/var/log/httpd/access_log" "%h %l %u %t \"%r\" %>s %b"
      ErrorLog "/var/log/httpd/error_log"
      ErrorDocument 404 /404.htm
<IfModule mod_ssl.c>
            SSLEngine Off
            SSLLog "/var/log/httpd/ssl_engine_log"
            SSLCertificateFile "/etc/httpd/ssl_crt/www_domain_1_com.crt"
            SSLCertificateKeyFile "/etc/httpd/ssl_key/myserver.key"
            SSLCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL"
      </IfModule>
      <IfModule mod_dav.c>
            DAVLockDB "/var/run/davlocks/.davlock100"
            DAVMinTimeout 600
      </IfModule>
      <Directory "/Home/paul/Sites">
            Options All -Indexes +ExecCGI +Includes +MultiViews
            <IfModule mod_dav.c>
                  DAV On
            </IfModule>
            AllowOverride AuthConfig
            AuthType Basic
            AuthName "root_realm"
            <Limit PUT DELETE PROPPATCH PROPFIND MKCOL COPY MOVE LOCK UNLOCK>
                  Require no-user
            </Limit>
      </Directory>
      <Directory "/Home/paul/Sites/webdav">
            AuthName "webdav_realm"
            AuthType Basic
            <Limit GET HEAD OPTIONS CONNECT POST PROPFIND PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
                  Require user  paul
            </Limit>
      </Directory>
      <Directory "/Home/paul/Sites/cgi-bin">
            Options +ExecCGI
      </Directory>
      <IfModule mod_rewrite.c>
            RewriteEngine On
            RewriteCond %{REQUEST_METHOD} ^TRACE
            RewriteRule .* - [F]
      </IfModule>
      <IfModule mod_alias.c>
      </IfModule>
      LogLevel warn
      Include "/etc/httpd/httpd_squirrelmail.conf"
      ServerAlias domain_1.com
      ServerAlias www.domain_1.com
      ScriptAlias /cgi-bin/ /Home/paul/Sites/cgi-bin/
</VirtualHost>
## Clean copy/paste from paul perry 04/27/2006


######## Below was added for SSL


<VirtualHost 192.168.1.130:443>
      ServerName domain_1.com
      ServerAdmin postmaster@domain_1.com
      DocumentRoot "/Home/paul/Sites"
      DirectoryIndex "index.html" "index.php"
      CustomLog "/var/log/httpd/access_log" "%h %l %u %t \"%r\" %>s %b"
      ErrorLog "/var/log/httpd/error_log"
      ErrorDocument 404 /404.htm
<IfModule mod_ssl.c>
            SSLEngine On
            SSLLog "/var/log/httpd/ssl_engine_log"
            SSLCertificateFile "/etc/httpd/ssl_crt/www_domain_1_com.crt"
            SSLCertificateKeyFile "/etc/httpd/ssl_key/myserver.key"
            SSLCACertificateFile /etc/httpd/ssl_crt/ca.txt
            SSLCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL"
      </IfModule>
      <IfModule mod_dav.c>
            DAVLockDB "/var/run/davlocks/.davlock100"
            DAVMinTimeout 600
      </IfModule>
      <Directory "/Home/paul/Sites">
            Options All -Indexes +ExecCGI +Includes +MultiViews
            <IfModule mod_dav.c>
                  DAV On
            </IfModule>
            AllowOverride AuthConfig
            AuthType Basic
            AuthName "root_realm"
            <Limit PUT DELETE PROPPATCH PROPFIND MKCOL COPY MOVE LOCK UNLOCK>
                  Require no-user
            </Limit>
      </Directory>
      <Directory "/Home/paul/Sites/webdav">
            AuthName "webdav_realm"
            AuthType Basic
            <Limit GET HEAD OPTIONS CONNECT POST PROPFIND PUT DELETE PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
                  Require user  paul
            </Limit>
      </Directory>
      <Directory "/Home/paul/Sites/cgi-bin">
            Options +ExecCGI
      </Directory>
      <IfModule mod_rewrite.c>
            RewriteEngine On
            RewriteCond %{REQUEST_METHOD} ^TRACE
            RewriteRule .* - [F]
      </IfModule>
      <IfModule mod_alias.c>
      </IfModule>
      LogLevel warn
      Include "/etc/httpd/httpd_squirrelmail.conf"
      ServerAlias domain_1.com
      ServerAlias www.domain_1.com
      ScriptAlias /cgi-bin/ /Home/paul/Sites/cgi-bin/
</VirtualHost>
## Clean copy/paste from paul perry 04/27/2006

################ END domain_1.com.conf #####################


^^^^^^^^^^^^^^^^^^^  domain_2.com.conf    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^

## Default Virtual Host Configuration

<VirtualHost 192.168.1.130:80>
      ServerName domain_2.com
      ServerAdmin postmaster@domain_2.com
      DocumentRoot "/Home/domain_2_paul/Sites"
      DirectoryIndex index.html index.php
      CustomLog "/var/log/httpd/access_log" "%h %l %u %t \"%r\" %>s %b"
      ErrorLog "/var/log/httpd/error_log"
      ErrorDocument 404 /pages/404.htm
      <IfModule mod_ssl.c>
            SSLEngine Off
            SSLLog "/var/log/httpd/ssl_engine_log"
            SSLCertificateFile "/etc/certificates/Default.crt"
            SSLCertificateKeyFile "/etc/certificates/Default.key"
            SSLCipherSuite "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL"
      </IfModule>
      <IfModule mod_dav.c>
            DAVLockDB "/var/run/davlocks/.davlock100"
            DAVMinTimeout 600
      </IfModule>
      <Directory "/Home/domain_2_paul/Sites">
            Options All -Indexes +ExecCGI +Includes +MultiViews
            <IfModule mod_dav.c>
                  DAV Off
            </IfModule>
            AllowOverride None
      </Directory>
      <IfModule mod_rewrite.c>
            RewriteEngine On
            RewriteCond %{REQUEST_METHOD} ^TRACE
            RewriteRule .* - [F]
      </IfModule>
      <IfModule mod_alias.c>
      </IfModule>
      LogLevel warn
      Include "/etc/httpd/httpd_squirrelmail.conf"
      ServerAlias domain_2.com
      ServerAlias www.domain_2.com
</VirtualHost>

^^^^^^^^^^^^^^^^^^^   END  domain_2.com.conf  ^^^^^^^^^^^^^^^^^^^^^
[+][-]08/24/06 09:09 AM, ID: 17382816

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08/24/06 09:09 AM, ID: 17382824

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08/24/06 09:19 AM, ID: 17382931

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08/24/06 09:25 AM, ID: 17382983

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08/24/06 10:32 AM, ID: 17383453

Often, when Experts are collaborating with members who have asked questions, they will request additional information about the problem. Askers respond with an author comment like this one.

Start your 30-day free trial to view this Author Comment or ask the Experts your question.

 
[+][-]08/24/06 11:33 AM, ID: 17383843

View this solution now by starting your 30-day free trial. Setting up your free trial is quick, easy, and secure. We will return you to this solution, unlocked, when you're done.

 

About this solution

Zones: Apache Web Server, Server Side Includes (SSI)
Tags: apache
Sign Up Now!
Solution Provided By: rowdy_h
Participating Experts: 2
Solution Grade: A
 
 
[+][-]08/24/06 11:59 AM, ID: 17384039

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
[+][-]08/24/06 12:47 PM, ID: 17384357

At Experts Exchange, members can ask their questions to thousands of technology professionals, also known as Experts. Experts compete and collaborate to answer those questions by leaving comments like this one.

Start your 30-day free trial to view this Expert Comment or ask the Experts your question.

 
 
Loading Advertisement...
20091111-EE-VQP-91