Solved

SSL and Multiple IPs on the same box

Posted on 2011-03-09
4
528 Views
Last Modified: 2013-12-16
I have a nice Proliant ML350 with RAID-5 and SAS drives, etc...

I have two sites I want to host on it, but both need SSL. I have multiple free public IPs so I can assign a new IP for one of the sites no problem.

Trouble is...

1. How do I assign multiple IPs to the box?
2. How do I configure Apache to listen for site a on 123.456.78.90 and site b on abc.def.ghi.jkl?

OS: Ubuntu 9.10
0
Comment
Question by:DrDamnit
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 35092368
You create 'Virtual Host' for each site.  Start here: http://httpd.apache.org/docs/2.2/vhosts/  It's not hard but details matter.  I've set up about 6 of them with private IPs (10.10.x.x) on my LAN for testing.
0
 
LVL 31

Assisted Solution

by:farzanj
farzanj earned 166 total points
ID: 35094302
Concept of giving multiple ip addresses is similar in ubuntu except that it keeps one file whereas in other distributions, they keep separate files.

Here is how it works.  You can give as many IP addresses to an interface as you want.  But you have to name them a little differently.  For example instead of writing eth0, you have to say eth0:0 (first), eth0:1 (second),  eth0:2, third interface, and so on.  You can also define a range of IP addresses.

Sample interface file would look like
http://www.cyberciti.biz/faq/setting-up-an-network-interfaces-file/

Second question:

Apache allows you to make as many Virtual Host as you want.  Each one can have the same IP address or a different one.
They may share the directory for files or may have their own.  This is called DocumentRoot.  You specify you IP address in the document root header, on which it is supposed to listen
Code would look like this.  Put this at the bottom of your httpd.conf file.  You should set the parameters yourself
<VirtualHost 123.456.78.90:80>
    ServerAdmin webmaster@theos.in
    DocumentRoot "/usr/local/docs/theos.in"
    ServerName www.theos.in
    ServerAlias theos.in
    ErrorLog "/var/log/theos.in-error_log"
    CustomLog "/var/log/theos.in-access_log" common
</VirtualHost>
 
<VirtualHost abc.def.ghi.jkl:80>
    ServerAdmin webmaster@nixcraft.com
    DocumentRoot "/usr/local/docs/nixcraft.com"
    ServerName www.nixcraft.com
    ServerAlias nixcraft.com
    ErrorLog "/var/log/nixcraft.com-error_log"
    CustomLog "/var/log/nixcraft.com-access_log" common
</VirtualHost>

Open in new window

0
 
LVL 7

Assisted Solution

by:jackiechen858
jackiechen858 earned 334 total points
ID: 35111763

.1 to add multipli ip, it depend on what Linux OS you machine has, typically you can goto /etc/sysconfig/network-scripts/ folder, if you see something like if-eth0, you can copy it to ifcfg-eth0:1, modify it to give a different ip.

Run "service network restart" , then run  ifconfig , you should see multiple ip.

 for HTTPS, you CAN NOT put multi domain into same IP address. this is different than HTTP virtual host.






0
 
LVL 7

Accepted Solution

by:
jackiechen858 earned 334 total points
ID: 35111843
check this example:
http://www.apache-ssl.org/httpd.conf.example

first, you need to configure apache to listen on port 443, like "Listen 443"

then you can configure each site with a different ip address. You need to generate ssl certificate for each site.



SSLCertificateKeyFile /www/certs/another-ssl.fictional.co.key
SSLCertificateFile /www/certs/another-ssl.fictional.co.cert  
0

Featured Post

Space-Age Communications Transitions to DevOps

ViaSat, a global provider of satellite and wireless communications, securely connects businesses, governments, and organizations to the Internet. Learn how ViaSat’s Network Solutions Engineer, drove the transition from a traditional network support to a DevOps-centric model.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question