Re: [apache-ssl] virtual hosts, DNS and more

Joost Zuurbier wrote:
> 
> Hi,
> 
> Today I completed the installation of a Thawte certificate in Apache SSL.
> (thanks Adam for letting me know that this other error was a bug in the patch)
> 
> I am using SSLeay 0.9.0 and Apache 1.2.6 with 1.16 patches.
> It's all working fine with the root host, but I cannot get the
> virtual hosts working. The browser kind of hangs and times out
> after 2 minutes or so.
> 
> I tried several different configurations which were on this mailing list
> before, but it didn't help much. According to this, I've got the
> following questions.
> 
> 1. For virtual hosting I use IPs instead of names.

No problem.

> 1a. Do the IPs require reverse DNS delegation or does it work with
> 
> <VirtualHost 192.32.22.5:443>
> ServerName lily.dt.net
> ..
> ..
> </VirtualHost>

That should work fine - ServerName overrides reverse DNS. Do you have a
'Port 443' and 'Listen 443' in your main config section?

> 
> 1b. Do I need to set any other parameters in the httpd.conf
> to make virtual IP hosting work? What about the variable
> # BindAddress *
> Does that one need to be on?

By default Apache will listen on "*", so you would see something like:

      *.80                 *.*                0      0     0      0 LISTEN
      *.443                *.*                0      0     0      0 LISTEN

In a netstat. This means that any IP aliases running on that machine
will also listen on those ports. You only need to use the BindAddress
directive if you want to limit the IPs that listen.

> 
> 2. In the INSTALL notes of Apache-SSL there is assumed that
> you have empty srm.conf and access.conf files. Is that ok?

Yep - in fact if they're empty they don't need to even exist.

> 
> 3. Does somebody have a working httpd.conf for usage
> with NO root server and one or more secure hosts?

Nope, not sure why you'd want to, so I've never tried... you could
always bind it to 'localhost', which would make it effectively 'not
there' for the rest of the world...

> Thanks for your reply. I'm learning every day :-)

That's the name of the game...

cheers,
Adam
--
Adam Laurie                   Tel: +44 (181) 742 0755
A.L. Digital Ltd.             Fax: +44 (181) 742 5995
Voysey House                  
Barley Mow Passage            http://www.aldigital.co.uk
London W4 4GB                 mailto:adam@algroup.co.uk
UNITED KINGDOM                PGP key on keyservers
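
The wildcard-listener check described in the reply above, as an added example that is not part of the original message: it parses `netstat -an` output in the layout Adam quotes (and the Linux `addr:port` layout) and reports which listeners are bound to every address and which to a single IP. The sample lines beyond the two quoted ones, the 8443 port, the 10.0.0.9 peer and the function names are constructed for illustration.

```python
import re

# Constructed sample: the two wildcard lines quoted in the reply, plus one
# address-bound listener and one established connection for contrast.
SAMPLE = """\
      *.80                 *.*                0      0     0      0 LISTEN
      *.443                *.*                0      0     0      0 LISTEN
192.32.22.5.8443           *.*                0      0     0      0 LISTEN
192.32.22.5.443      10.0.0.9.1025         8760      0  8760      0 ESTABLISHED
"""

WILDCARDS = {"*", "0.0.0.0", "::"}
# Local address token: "<addr>.<port>" (layout above) or "<addr>:<port>" (Linux).
_LOCAL = re.compile(r"^(\*|\d{1,3}(?:\.\d{1,3}){3}|::)[.:](\d+)$")


def listeners(netstat_text):
    """Return sorted (address, port) pairs for sockets in LISTEN state."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if "LISTEN" not in fields:
            continue
        for token in fields:
            match = _LOCAL.match(token)
            if match:  # first address-like token is the local address
                found.add((match.group(1), int(match.group(2))))
                break
    return sorted(found)


def audit(netstat_text, required_ports=(443,)):
    """Split listeners into wildcard and address-bound; list required ports nobody listens on."""
    wildcard, bound = [], []
    for addr, port in listeners(netstat_text):
        (wildcard if addr in WILDCARDS else bound).append((addr, port))
    open_ports = {port for _, port in wildcard + bound}
    missing = [p for p in required_ports if p not in open_ports]
    return {"wildcard": wildcard, "bound": bound, "missing": missing}


def accepts(netstat_text, ip, port):
    """True if a connection to ip:port would find a listener (wildcard or exact bind)."""
    return any(p == port and (a in WILDCARDS or a == ip)
               for a, p in listeners(netstat_text))


if __name__ == "__main__":
    print(audit(SAMPLE))
    print(accepts(SAMPLE, "192.32.22.5", 443))
```

A non-empty `wildcard` list means every IP alias on the machine answers on those ports; a port in `missing` means the server is not listening there at all, which is the first thing to rule out when a virtual host times out.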