top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Apache: Virtual Hosts and SSL Puzzler

+1 vote
331 views

I have 3 virtual hosts that for all I can see are configured identically other the the obviously needed differences. The same is true of the 3 crt files.

 ServerName public.mydomain.com
 DocumentRoot /var/www/html
 SSLEngine on
 SSLCertificateFile /etc/httpd/SSL/public.crt
 SSLCertificateKeyFile /etc/postfix/SSL/server.key

 ServerName distrib.mydomain.com
 DocumentRoot /var/www/html/distrib
 SSLEngine on
 SSLCertificateFile /etc/httpd/SSL/distrib.crt
 SSLCertificateKeyFile /etc/postfix/SSL/server.key

 ServerName mail.mydomain.com
 DocumentRoot /usr/local/squirrelmail/www
 SSLEngine on
 SSLCertificateFile /etc/httpd/SSL/mail.crt
 SSLCertificateKeyFile /etc/postfix/SSL/server.key

The problem is that 2 of them work perfectly and the lock shows up in the browser. With the third (public), I get a gray globe indicating partial encryption which does not prevent eavesdropping. I have no clue
how to debug this or even where to look. Can someone point me in the right direction?

posted Oct 22, 2013 by Abhay Kulkarni

Looking for an answer?  Promote on:
Facebook Share Button Twitter Share Button LinkedIn Share Button

Similar Questions
0 votes

How to use multiple virtual hosts with a single SSL instance running on the standard https port.

0 votes

I am using Apache 2.2 on LE for several years now and I use intensively the virtual host mechanism (300 virtual hosts per http instance).

As soon as you start sharing resources between applications, you want to protect your platform and prevent an application from taking all the threads and cause a resource starvation for the others.

To do so i used the third party mod_qos module to limit the number of simultaneous connections per virtual hosts. Now that i intend to migrate to Apache 2.4, my first tests reveal that this module is not compatible with this version of Apache, thats also the warning that developer raised for his module.

It appears that I don't find any real alternative to substitute the mod_qos module with something else. Here are my questions :
- Can you confirm that Apache does not provide any mechanism allowing to limit the number of connection per virtual host, just to be sure that I am not missing something ?
- Why Apache doesn't provide such a functionality ? :) From my very humble user perspective, I am surprised that this is not a native functionality as it seems to me that my need is probably shared by many users. Moreover Apache provides many other complex functionalities, the one I am describing would be probably something simple to implement compared to other functionalities already available.

+1 vote

I try to configure apache virtual hosts after NAT. There are two name (like abc.dom.com and cde.dom.com) which refer to the same external address. This address is given to wan-port of a gateway and assigned to
be NAT to internal address where apache is up with ports 80 to 80.

Does it possible to configure the apache so it distinguishes name abc.* and cde.* (used by clients externally) and returns different pages (provided two s are configured)?

Which Directives are implemented in the case? Or, maybe, the example of such httpd.conf?

+1 vote

I have an idea how to setup Apache for doing load balancer based on mod_proxy and mod_balance modules. But in my case the backend server requires ssl client certificate authentication and therefore the Apache Server cannot terminate the ssl connection.

I do no need http session cookie stickyness. The application is stateless. Can I somehow configure Apache as a transparent balancer?

Or I should use even another software - squid, iptables? The backend application is a web service running on Tomcat.

...