glabs
asked on
Need Help Setting up NameVirtualHost with 2 IP and Wildcard SSL on Apache
Hi all,
I have the following setup (see code snippet) but need help adding SSL to it.
I have a second IP address to use.
Site 1 host only 1 domain, unlimited subdomains (sub1.site1.com, sub2.site1.com,etc) pointing to same code, and needs the Wildcard SSL.
Site 2 hosts unlimited domains, no SSL, and all domains point to same code.
Can someone point me in the right direction for this? Its boggling my mind!
I have the following setup (see code snippet) but need help adding SSL to it.
I have a second IP address to use.
Site 1 host only 1 domain, unlimited subdomains (sub1.site1.com, sub2.site1.com,etc) pointing to same code, and needs the Wildcard SSL.
Site 2 hosts unlimited domains, no SSL, and all domains point to same code.
Can someone point me in the right direction for this? Its boggling my mind!
NameVirtualHost *:80
<VirtualHost *:80>
ServerAdmin webmaster@site1.com
DocumentRoot /..../site1.com/public/
ServerName site1.com
ServerAlias *.site1.com
ErrorLog /....
CustomLog /...
<Directory "/..../churchbackend.com/public/">
Options Indexes FollowSymLinks
AllowOverride All
Allow from All
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName default
ServerAlias *
ServerAlias site2.com
DocumentRoot /home/gospellabs/public_html/site2.com/public/
ErrorLog /....
CustomLog /...
<Directory "/.../site2.com/public/">
Options Indexes FollowSymLinks
AllowOverride All
Allow from All
</Directory>
</VirtualHost>
In Apache you can use NameVirtualHost with secures sites, if you are using the same "listener" - same IP and port. So you can use one IP for virtualhosts *.site1.com and one for site2.com. you have to add NameVirtualHost *:443 and to change <VirtualHost *:80> to <VirtualHost CORRESPONDING_IP:443> (one for each virtualhost, first is default). Also you have to add specific SSl settings to virtualhosts (certificates, key etc).
ASKER
Do you need to do a default for the 443 too or just 80
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for your help!
2 questions:
1. do you use the internal IP address or the external.
2. Do you put a separate IP for the 443?
2 questions:
1. do you use the internal IP address or the external.
2. Do you put a separate IP for the 443?
1) If the Apache web server is externally facing (accessible) or located in a DMZ, then you would use the external IP address. If the Apache server is behind a firewall and the port numbers are being forwarded to the internal server, then use the internal IP address.
2) It's optional, but considered a recommended practice. If you are running Apache on a Linux server and only have one NIC on the server, then you can do what is called IP Aliasing.
Linux -- Creating or Adding New Network Alias To a Network Card (NIC)
http://www.cyberciti.biz/faq/linux-creating-or-adding-new-network-alias-to-a-network-card-nic/
2) It's optional, but considered a recommended practice. If you are running Apache on a Linux server and only have one NIC on the server, then you can do what is called IP Aliasing.
Linux -- Creating or Adding New Network Alias To a Network Card (NIC)
http://www.cyberciti.biz/faq/linux-creating-or-adding-new-network-alias-to-a-network-card-nic/
ASKER
Excellent, Thanks.
I am now having problems with the cert but I will post that as a different question!
I am now having problems with the cert but I will post that as a different question!