[rt-users] _default_ VirtualHost overlap on port 443, the first has precedence

Drew Barnes barnesaw at ucrwcu.rwc.uc.edu
Fri Aug 21 11:17:07 EDT 2009


Try naming the virtual hosts.  *:443 means any domain that resolves to that
machine will get the first one, since it matches.

Curtis may also be right (never tried two https sites on the same box), but
try having the first one be <VirtualHost firstone:443> and the second one
<VirtualHost rt:443> and see if it works for you.



On 8/21/09 11:13 AM, "testwreq wreq" <testwreq at gmail.com> wrote:

> Actually, I should have mentioned before that our rt installation is on a
> different IP.
> 
> On Fri, Aug 21, 2009 at 11:09 AM, Curtis Bruneau <curtisb at vianet.ca> wrote:
>> Each SSL site pretty much needs to be on it's own IP address, the reasoning
>> is the cert negotiation isn't name based header as apache would. The only
>> other way would be to have them on different ports but then you'd have to
>> specify the port when going to the site.
>> 
>> testwreq wreq wrote:
>>> * 
>>> 
>>> I have managed to get it all set up and RT running OK with named virtual
>>> host over http. However, I am having problems with getting them to work over
>>> https. When I set a virtual host name, it always serves the first listed
>>> domain. See settings below. https:firstone serves the correct folder, but
>>> https:rt serves firstone's documents
>>> 
>>> my settings:
>>> 
>>> <VirtualHost *:443>
>>> 
>>> DocumentRoot "C:/Development/firstone"
>>> ServerName firstone
>>> ServerAdmin webmaster at localhost
>>> ErrorLog logs/ssl/error.log
>>> TransferLog logs/ssl/access.log
>>> 
>>> SSLEngine on.......etc
>>> </VirtualHost>
>>> 
>>> <VirtualHost *:443>
>>>       ServerName rt.hostname.com <http://rt.hostname.com/>
>>> <http://rt.hostname.com <http://rt.hostname.com/> <http://rt.hostname.com
>>> <http://rt.hostname.com/>  >
>>> 
>>>       DocumentRoot /data/rt3/share/html
>>>       AddDefaultCharset UTF-8
>>>       PerlModule Apache::DBI
>>>       PerlRequire /data/rt3/bin/webmux.pl
>>>        <Location /NoAuth/images>
>>>                SetHandler default
>>>        </Location>
>>>       ErrorLog logs/ssl_error_log
>>>       TransferLog logs/ssl_access_log
>>>       LogLevel warn
>>>       <Directory />
>>>          SSLRequireSSL
>>>       </Directory>
>>>        SSLEngine on
>>>        SSLProtocol all -SSLv2
>>>        SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
>>>        SSLCertificateFile /etc/sslcertificate/server.crt
>>>        SSLCertificateKeyFile /etc/sslcertificate/server.key
>>> </VirtualHost>
>>> while restarting apache I get a warning << _default_ VirtualHost overlap on
>>> port 443, the first has precedence>>
>>>  Any suggestions???
>>> 
>>> Thanks in advance,
>>> rq
>>> *
>>> ------------------------------------------------------------------------
>>> 
>>> _______________________________________________
>>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>> 
>>> Community help: http://wiki.bestpractical.com
>>> <http://wiki.bestpractical.com/>
>>> Commercial support: sales at bestpractical.com
>>> 
>>> 
>>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a
>>> copy at http://rtbook.bestpractical.com <http://rtbook.bestpractical.com/>
>>> 
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> http://lists.bestpractical.com/cgi-bin/mailman/listinfo/rt-users
>>> 
>>> Community help: http://wiki.bestpractical.com
>>> Commercial support: sales at bestpractical.com
>>> 
>>> 
>>> Discover RT's hidden secrets with RT Essentials from O'Reilly Media.
>>> Buy a copy at http://rtbook.bestpractical.com
>>> 
>>> -- 
>>> Drew Barnes
>>> Applications Analyst
>>> Network Resources Dept.
>>> Raymond Walters College

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20090821/ad01fa14/attachment.htm>


More information about the rt-users mailing list