troubleshooting Question

multiple https virtualhost on same IP address

Avatar of grblades
grbladesFlag for United Kingdom of Great Britain and Northern Ireland asked on
Apache Web Server
14 Comments2 Solutions28818 ViewsLast Modified:
Our old server had multiple IP addresses bount to the network card and had a website setup on each IP address.
Our new server has two sites setup on a single IP address.
Virtualhost works fine for HTTP but when accessing via HTTPS I always get the .co.uk pages (with a certificate warning).

Here is the relevant section from our HTTPS configuration :-

<VirtualHost *:443>
        ServerName online.linguaphone.co.uk
        DocumentRoot /var/www/www.linguaphone.co.uk
        ServerAdmin webmaster@linguaphone.com
        ErrorLog logs/online.linguaphone.co.uk-ssl-error.log
        TransferLog logs/online.linguaphone.co.uk-ssl-access.log
        CustomLog logs/vbis/online.linguaphone.co.uk-ssl-access-vbis.log vbis

        SSLEngine on
        SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

        SSLCertificateFile    conf/certificates/2004_online.linguaphone.co.uk.crt
        SSLCertificateKeyFile conf/certificates/2004_online.linguaphone.co.uk.pem

        SSLVerifyClient none
        SSLVerifyDepth  10

        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>

<VirtualHost *:443>
        ServerName online.linguaphone.com
        DocumentRoot /var/www/www.linguaphone.com
        ServerAdmin webmaster@linguaphone.com
        ErrorLog logs/online.linguaphone.com-ssl-error.log
        TransferLog logs/online.linguaphone.com-ssl-access.log
        CustomLog logs/vbis/online.linguaphone.com-ssl-vbis.log vbis

        SSLEngine on
        SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

        SSLCertificateFile    conf/certificates/2004_online.linguaphone.com.crt
        SSLCertificateKeyFile conf/certificates/2004_online.linguaphone.com.pem

        SSLVerifyClient none
        SSLVerifyDepth  10

        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>

When I restart apache I get the following warning which I assume is the cause of the problem:-
[warn] _default_ VirtualHost overlap on port 443, the first has precedence

I have commented out the default virtualhost in /etc/httpd/conf.d/ssl.conf except for the following lines:-

LoadModule ssl_module modules/mod_ssl.so
Listen 0.0.0.0:443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLMutex  file:logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

ASKER CERTIFIED SOLUTION
Mercantilum

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 2 Answers and 14 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 14 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros