Solved

Https hostnames

Posted on 2006-07-20
5
283 Views
Last Modified: 2010-03-04
Hi.
I have one public ip, that I want to have multiple subdomains.
The subdomains will use one wildcard certification, that will cover theme all.
Problem is that when using https, we can only have one virtual host on each ip:443.
so how would one have apache presenting visitors different data according to witch hostname is used?
test1.mydomain.com -> /var/www/test1
test2.mydomain.com -> /var/www/test2
If the solution is to set up a redirection, I want it to be transparent to the user.
0
Comment
Question by:thor918
  • 3
5 Comments
 
LVL 13

Expert Comment

by:rhickmott
Comment Utility
Unfortunatly this is a bit like a chicken and egg scenrio as the SSL session is setup and established before the headers are sent so until the SSL connection is established the headers and more importantly the "host" field are not sent so its not possible to have name based SSL virtualhosts.

You can have IP based onses so you can assign two IPs to your server and have site1. running off one IP and site2. running off another but you will need two public IP addresses to get them both working properly.

The only way you could maybe do it is with mod_rewrites but the certificate will only be valid on one host test1. or test2. the other would complain about the certificate not being valid for the site.
0
 
LVL 2

Author Comment

by:thor918
Comment Utility
I'm using wildcard certificate.
this means it's valid for the whole domain, including all subdomains.
0
 
LVL 2

Author Comment

by:thor918
Comment Utility
As you probably see, I have read up on the topic before I asked. so I know that it is difficult, but I belive it should be possible to have some sort of redirect.
I got a php redirect right now, that works ok.
but I would like to see it redirect transparent. I think I read somewhere before that it is possible to redirect content transparent from the user.

I also tried something that worked pretty good, but was broken in one case I had to use a webdav service.
I used a apacheproxy to redirect output from http://localhost. and let the normal virtualhostname be taken care of there.
That worket perfect, exept that webdav refused to stay in https.

so I would be very happy if I could make a simple htaccess script that redirects content from another folder located on the same server (and the redirect is transparent from the visitor.).
0
 
LVL 27

Accepted Solution

by:
caterham_www earned 500 total points
Comment Utility
>>Problem is that when using https, we can only have one virtual host on each ip:443.
so how would one have apache presenting visitors different data according to witch hostname is used?
test1.mydomain.com -> /var/www/test1
test2.mydomain.com -> /var/www/test2<<

How does your DocumentRoot directive look like? I'm assuming /var/www

Inside of your <virtualhost> with the module mod_rewrite loadded

RewriteEngine on
RewriteCond %{HTTP_HOST} !^www\.
RewriteCond %{HTTP_HOST} ^([^.]+)\.mydomain\.com
RewriteRule ^/(.*) /%1 [PT]
0
 
LVL 2

Author Comment

by:thor918
Comment Utility
@caterham_www
I did't get what you posted working, but you helped me on the right path
here is what I ended up with. it works perfect.

            RewriteEngine On
            RewriteCond %{HTTP_HOST} ^websvn\.mydomain\.net$ [NC]
            RewriteRule ^(.*)$ /websvn/$1 [L]

            RewriteCond %{HTTP_HOST} ^svn\.mydomain\.net$ [NC]
            RewriteRule ^(.*)$ /mysvn/$1 [L]
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Introduction As you’re probably aware the HTTP protocol offers basic / weak authentication, which in combination with the relevant configuration on your web server, provides the ability to password protect all or part of your host.  If you were not…
If you are running a LAMP infrastructure, this little code snippet is very helpful if you are serving lots of HTML, JavaScript and CSS-related information. The mod_deflate module, which is part of the Apache 2.2 application, provides the DEFLATE…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now