DeveloperSide.NET Forums
November 19, 2019, 11:17:28 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News:
 
   Home   Help Search Login Register  
Pages: [1]
  Print  
Author Topic: SSL - Step By Step  (Read 6554 times)
0 Members and 1 Guest are viewing this topic.
mysticcorp
Member
*
Posts: 2


View Profile Email
« on: May 26, 2008, 01:39:00 PM »

OK check it out.. I am going to layout everything I have, and someone see (if you do not mind) if you can see what I am doing wrong.

1st.. My domain. www.DOMAIN.com is hosted with a Hosting Provider.

sub1.DOMAIN.com (the subdomain) is pointed to my home server
sub2.DOMAIN.com is pointed to my home server
sub3.DOMAIN.com is pointed to my home server
sub4.DOMAIN.com is pointed to my home server

Here is HOST FILE (windows DIR)

Quote
127.0.0.1   localhost

127.0.0.1   sub1.DOMAIN.com
127.0.0.1   sub2.DOMAIN.com
127.0.0.1   sub3.DOMAIN.com


Here is My httpd-vhost.conf file (the real one)

Quote
NameVirtualHost *:80

# localhost - used for intranet

<VirtualHost *:80>
   DocumentRoot /www/vhosts/localhost/
   ServerName localhost
   Include conf/extra/vhosts/localhost/*.conf
</VirtualHost>

# sub1

<VirtualHost *:80>
   ServerName  sub1.DOMAIN.com
   DocumentRoot /www/vhosts/htdsub1
   ErrorLog /www/Apache22/logs/error.log
   <Directory "/www/vhosts/htdsub1">
      Options All
      AllowOverride All
      order allow,deny
      allow from all
   </Directory>
</VirtualHost>

# sub2

<VirtualHost *:80>
   ServerName  sub2.DOMAIN.com
   DocumentRoot /www/vhosts/htdsub2
   ErrorLog /www/Apache22/logs/error.log
   <Directory "/www/vhosts/htdsub2">
      Options All
      AllowOverride All
      order allow,deny
      allow from all
   </Directory>
</VirtualHost>

# sub3

<VirtualHost *:80>
   ServerName  sub3.DOMAIN.com
   DocumentRoot /www/vhosts/htdsub3
   ErrorLog /www/Apache22/logs/error.log
   <Directory "/www/vhosts/htdsub3">
      Options All
      AllowOverride All
      order allow,deny
      allow from all
   </Directory>
</VirtualHost>


Here is my httpd-ssl.conf (real one) file.

Quote

## GLOBAL SETTING
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
SSLPassPhraseDialog  builtin
SSLSessionCache        shmcb:logs/ssl_scache(512000)
SSLSessionCacheTimeout  300
SSLMutex default


## SSL Virtual Host Context
<VirtualHost localhost:443>
ServerName localhost:443
DocumentRoot "/www/vhosts/localhost"
ServerAdmin admin@localhost
ErrorLog logs/error_ssl.log
TransferLog logs/access_ssl.log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile conf/ssl.crt/server.crt
#SSLCertificateFile conf/server-dsa.crt
SSLCertificateKeyFile conf/ssl.key/server.key
#SSLCertificateKeyFile conf/server-dsa.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
    SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/www/cgi-bin">
   SSLOptions +StdEnvVars
</Directory>
BrowserMatch ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
Include conf/extra/vhosts/localhost/*.conf
</VirtualHost>

Now for my Problem..

I will make it simple.. I will list my domains and what I want to happen

DOMAIN - What I want to happen - What is Happening
http://Sub1.Domain.com (HTTP) - Want: Load Sub1 Page - Getting: Working Now
http://Sub2.Domain.com (HTTP) - Want: Load Sub2 Page - Getting: Working Now
http://Sub3.Domain.com (HTTP) - Want: Load Sub3 Page - Getting: Working Now
http://localhost(HTTP) - Load localhost Page - Working Now
https://Sub1.Domain.com (HTTPS) - Want: Load Sub1 SSL Page (same as HTTP dir) - Getting: Loads LocalHost SSL Page
https://Sub2.Domain.com (HTTPS) - Want: Load Nothing - Getting: Loads LocalHost SSL Page
https://Sub3.Domain.com (HTTPS) - Want: Load Nothing - Getting: Loads LocalHost SSL Page
https://localhost (HTTPS) - Load Nothing - Getting: Loads LocalHost SSL Page

See my problem is that all sites when loaded with the https:// and not the http:// they all goto the localhost SSL directory,
and I have tried 100's of different configurations and changes and nothing seems to work. I also need to make sure the
others do not all point to a SSL page, if I wanted SSL I would install it for those domains. I only want the ONE
sub domain to have SSL. And for the others to not load when the "s" is used.

Hope this explains things here. I wil lnot change any files until noted here, so that I stay on the same page as those trying to help me out here. Thanks in advance.

Note: the SSL Cert that came with the suite, I know it is expired, I will install a new one, once I get everything to load correctly, I will then worry about the new Cert that I already bought and have ready.
Logged
admin
Administrator
Master of All Subjects
*****
Posts: 3272


View Profile WWW Email
« Reply #1 on: May 26, 2008, 02:57:23 PM »

It is the way the ssl connection is established that causes this. You can only have one SSL host per IP address. In turn, everything for that IP  address gets resolved to the SSL host you have for that IP address. It works like this because the SSL link is established before the server knows which host is being requested.

The only option here is to use mod_rewrite under the SSL host and get a few rules to check the host being requested. If not 'localhost', then block.
« Last Edit: May 26, 2008, 02:59:22 PM by admin » Logged

DeveloperSide.NET
Advanced PHP and MySQL Solutions for your Web Design and Development needs with Web.Developer Server Suite.
mysticcorp
Member
*
Posts: 2


View Profile Email
« Reply #2 on: June 07, 2008, 03:22:48 AM »

Now I got it...  That is all I needed, I short to the point, in detail answer.. Thanks again.

I was able to use the rewrite, in order to block the use of other names.

Logged
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.9 | SMF © 2006-2009, Simple Machines LLC Valid XHTML 1.0! Valid CSS!