Re: Wildcard SSL difficulties.

Author: Alex Dean
Date:  
To: Main PLUG discussion list
Subject: Re: Wildcard SSL difficulties.

On Jun 15, 2009, at 10:37 PM, keith smith wrote:

> I'm working on a CentOS box that has a main site and several test
> sites set up as sub-domains.
>
> The main site has an SSL and is set up on an IP by itself. The
> sub-domains are set up as virtual hosts.
>
> All is working well.
>
> The server is a managed server and we recently upgraded to a wildcard
> SSL so we can test the shopping cart on the test sites using an
> SSL to catch any problems before we move the code to the live server.
>
> Up to this point I have been able to add new virtual hosts at will.
> Basically all I have to do is copy one of the virtual server
> definitions and change a few things like doc root and I'm off and
> running. Of course a DNS addition needs to occur also.


You can also add *.yourdomain.com to DNS, rather than manually adding A
records for every single subdomain. Can be a time-saver if you set up
numerous subdomains.

>
> I assume to take advantage of the SSL each virtual server will need
> to be on the same IP as the main site.


The opposite, actually. You can only have 1 SSL-enabled site per IP
address (unless you put them on non-standard ports), so you'll need
separate IPs for each SSL-enabled site.

>
> The only virtual servers we have are sub-domains to the main site.
>
> Here is my problem. When I put the IP of the main site in the virtual
> server like this
>
> <VirtualHost 000.000.000.000:80>
>    ServerAdmin 
>    DocumentRoot /home/docroot/public_html
>    ServerName docroot.domain.tld
>    ErrorLog /home/docroot/logs/error_log-docroot
>    CustomLog /home/docroot/logs/combined_log-docroot combined
>    Include "conf.d/notrace.conf"
> </VirtualHost>

>
> The main site will not load in my browser. I do not recall the
> exact message - something like "you do not have directory access
> permission" or something like that.


I'm not sure what's going on there. Could you post the actual
configuration and the error messages? Check in your error logs to
verify which virtual host is responding to the request. It might not
be the one you're expecting.

The first VirtualHost you define for a given port number (like 80)
becomes the default vhost for that port. If you receive a request
which doesn't match any of the ServerName or ServerAlias values in
your vhosts, the request will be sent to the default virtual host.
Make sure that your main site's VirtualHost appears before any others,
and see if that makes any difference.

Also: I don't see anything in your question which relates to SSL.
Did something get left out?

alex
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss
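
Added example (not part of the original thread or of Apache itself): a small Python model of the default-vhost rule described in the reply above, run over a constructed config, to check which VirtualHost would answer a given Host header. The hostnames, the 192.0.2.x addresses and the function names are assumptions; the model also goes one step beyond the message by preferring an exact IP:port block over a *:port block, and assumes one address per VirtualHost and IPv4 or hostname Host headers.

```python
import fnmatch
import re

# Constructed sample config (hostnames and addresses are placeholders, not from the thread).
SAMPLE_CONF = """
<VirtualHost 192.0.2.10:80>
    ServerName test1.example.com
    DocumentRoot /home/test1/public_html
</VirtualHost>
<VirtualHost 192.0.2.10:80>
    ServerName www.example.com
    ServerAlias example.com
    DocumentRoot /home/main/public_html
</VirtualHost>
<VirtualHost *:80>
    ServerName other.example.com
    ServerAlias *.other.example.com
</VirtualHost>
"""

def parse_vhosts(conf):
    """Return vhosts in file order as dicts: addr, names (ServerName + ServerAlias)."""
    vhosts = []
    for addr, body in re.findall(r"<VirtualHost\s+([^>\s]+)\s*>(.*?)</VirtualHost>", conf, re.S | re.I):
        names = []
        for line in body.splitlines():
            parts = line.split()
            if parts and parts[0].lower() in ("servername", "serveralias"):
                names += [n.lower() for n in parts[1:]]
        vhosts.append({"addr": addr, "names": names})
    return vhosts

def select_vhost(vhosts, local_ip, port, host_header):
    """Pick the vhost for a request; returns (vhost, matched_by_name)."""
    host = host_header.split(":")[0].lower()
    # Simplification: wildcard matching is applied to ServerName as well as ServerAlias.
    for wanted in (f"{local_ip}:{port}", f"*:{port}"):
        group = [v for v in vhosts if v["addr"] == wanted]
        if not group:
            continue
        for v in group:
            if any(fnmatch.fnmatchcase(host, n) for n in v["names"]):
                return v, True
        return group[0], False  # no name matched: first-listed vhost is the default
    return None, False

if __name__ == "__main__":
    for h in ("www.example.com", "shop.example.com"):
        print(h, "->", select_vhost(parse_vhosts(SAMPLE_CONF), "192.0.2.10", 80, h))
```

In the sample, the test site is listed first for 192.0.2.10:80, so any unmatched hostname on that address lands on the test site rather than the main site.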