Forum Moderators: phranque
<IfModule ssl_module>
SSLMutex default
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLSessionCache none
</IfModule>
<IfDefine SSL>
<VirtualHost www.pchweb2.com>
ServerName www.sslsite.com
DocumentRoot "C:/apache2/htdocs/test"
DirectoryIndex index.html
SSLEngine on
SSLCertificateKeyFile C:/Apache2/conf/ssl/my-server.key
SSLCertificateFile C:/Apache2/conf/ssl/my-server.cert
</VirtualHost>
</IfDefine>
<VirtualHost www.xyz.com:80>
ServerName www.pchweb22.com
DocumentRoot "C:/apache2/htdocs/test2"
DirectoryIndex index.html
</VirtualHost>
I have searched a bit for a solution to the problem but have yet to find the perfect answer. Two things are coming into play:
1) In a virtualhost scenario, if a request is received for a server name that is not defined it defaults to the first virtualhost.
2) The server name being requested is not available in the SSL packet.
In your setup, you have one virtualhost on port 80, and one SSL virtualhost on port 443? But the server name isn't available with SSL - so all port 443 traffic will be sent to the first (default) virtualhost.
I found one solution to the problem. Setup one virtualhost specifically on port 80 something like ipaddress:80 then setup a regular host specifically on port 443 - ipaddress:443. This will keep people from getting the wrong page, but the trade-off is that inputing the other domains with the https protocol will get a server not found error - not the ideal solution.
I came up with my own solution to this problem, but I haven't tested this fully so proceed with caution :)
<VirtualHost www.example.com> **** LITERALLY USE "EXAMPLE.COM
ServerName www.example.com **** LITERALLY USE "EXAMPLE.COM
DocumentRoot "C:/apache2/htdocs/default"
</VirtualHost>
<VirtualHost www.real_domain1.com:80>
ServerName www.real_domain.com:80
DocumentRoot "C:/apache2/htdocs/domain1"
</VirtualHost>
<VirtualHost www.real_domain1.com:443>
ServerName www.real_domain.com:443
DocumentRoot "C:/apache2/htdocs/domain1"
SSLEngine on
SSLCertificateKeyFile C:/Apache2/conf/ssl/my-server.key
SSLCertificateFile C:/Apache2/conf/ssl/my-server.cert
</VirtualHost>
<VirtualHost www.real_domain2.com>
ServerName www.real_domain.com
DocumentRoot "C:/apache2/htdocs/domain2"
</VirtualHost>
<VirtualHost www.real_domain3.com>
ServerName www.real_domain.com
DocumentRoot "C:/apache2/htdocs/domain3"
</VirtualHost>
What I am doing is sending all unknown traffic to my dummy example.com domain. Lastly, use a 301 redirect in an .htaccess file in the example.com domain to redirect all [domain.com...] back to [domain.com...] and everybody should end up where expected.
Like I said though, I haven't fully tested this so if anyone sees any glaring over sites or a better idea I would love to hear them!
William.
Or, with a bit of mod_rewrite in that default virtual host, you can examine the %{HTTP_HOST} sent in the client's request header, and probably figure out which of the actually-hosted sites to 301-redirect the incorrect request to.
Jim
