Some problems with Virtual Host setup and SSL

Some problems with Virtual Host setup and SSL

am 18.08.2007 11:55:04 von via.lej

Hello !

I've some problems with Virtual Hosts on Apache2, please have a look at=
my config files:

==================== =====
===3D
File sites-enabled/default
==================== =====
===3D

-------------------------------->
NameVirtualHost *

ServerAdmin webmaster@localhost

DocumentRoot /var/www/

Options FollowSymLinks
AllowOverride None


Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all


ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/

AllowOverride None
Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all


ErrorLog /var/log/apache2/error.log

# Possible values include: debug, info, notice, warn, error, cr=
it,
# alert, emerg.
LogLevel warn

CustomLog /var/log/apache2/access.log combined
ServerSignature On

Alias /doc/ "/usr/share/doc/"

Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128


DocumentRoot /var/www/phpmyadmin
ServerSignature On


RewriteEngine on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]




<---------------------------------------



==================== =====
=======3D
File sites-enabled/ssl
==================== =====
========

-------------------------------------->
NameVirtualHost *:443


# change: address of web admin
ServerAdmin webmaster@localhost
SSLEngine On
SSLCertificateFile /etc/ssl/CA/private/Administration-key-cert.pem

ServerSignature On


Options FollowSymLinks
AllowOverride None



ProxyHTMLLogVerbose On
ProxyHTMLExtended On


ProxyRequests Off

Order deny,allow
Allow from all


ProxyPass /ntop/ https://localhost:3000/
ProxyPassReverse /ntop/ https://localhost:3000/

<-------------------------------------------


When i go to http://server/, it redirects to https://server/ and i have =
a 404 error.

I just want to redirect http://admin.server/phpmyadmin (not http://serve=
r/phpmyadmin byt http://admin.server/phpmyadmin) to https://admin.server=
/phpmyadmin

I would also redirect the web pages of a software running on localhost:3=
000 (on the server) to https://admin.server/ntop/

How can i do that ?

Thanks !
Vianney



____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

RE: Some problems with Virtual Host setup and SSL (UNCLASSIFIED)

am 20.08.2007 20:26:41 von Dwight.Victor.ctr

This is a multi-part message in MIME format.

------=_NextPart_000_0046_01C7E303.D56D5DF0
Content-Type: text/plain;
charset="us-ascii"
Content-Transfer-Encoding: 7bit

Classification: UNCLASSIFIED
Caveats: NONE


Hi Vianney,

"When i go to http://server/, it redirects to https://server/ and i have a
404 error."

This is happening because you have this:


RewriteEngine on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]


in your main VirtualHost definition. If you have SSL enabled, any request
for anything (signified by the ^.*$) would be redirected to the https
server. Do you have a default page setup? Check your httpd.conf file to
see what suffixes are set.


"I just want to redirect http://admin.server/phpmyadmin (not
http://server/phpmyadmin byt http://admin.server/phpmyadmin) to
https://admin.server/phpmyadmin"

Does your server have a DNS record for "admin" or do you have something in
your /etc/hosts file that points to "admin?" This syntax "admin.domain"
usually means that you want to get to the "admin" machine on the "domain"
domain. To set this up, you have to have something that tells Apache which
machine will answer to the name "admin." Then you'll want to edit your
rewrite rule to just redirect calls to "admin.domain."

"I would also redirect the web pages of a software running on localhost:3000
(on the server) to https://admin.server/ntop/"

Read up on the use of the mod_rewrite module:

For Apache 1.3 => http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html
For Apache 2 => http://httpd.apache.org/docs/2.0/mod/mod_rewrite.html

Hope that helps,

Dwight...

---
Dwight Victor, CISSP (Contractor)
DISA-PAC EMSS Gateway Hawaii
EMAIL: dwight.victor.ctr@disa.mil
TEL: (808) 653-3677 ext 229
Classification: UNCLASSIFIED
Caveats: NONE


------=_NextPart_000_0046_01C7E303.D56D5DF0
Content-Type: application/x-pkcs7-signature;
name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="smime.p7s"

MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEH AQAAoIIS4jCCAmcw
ggHQoAMCAQICAQQwDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMCVVMxGDAW BgNVBAoTD1UuUy4g
R292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxHDAaBgNV BAMTE0RvRCBDTEFT
UyAzIFJvb3QgQ0EwHhcNMDAwNTE5MTMxMzAwWhcNMjAwNTE0MTMxMzAwWjBh MQswCQYDVQQGEwJV
UzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAK BgNVBAsTA1BLSTEc
MBoGA1UEAxMTRG9EIENMQVNTIDMgUm9vdCBDQTCBnzANBgkqhkiG9w0BAQEF AAOBjQAwgYkCgYEA
tTD+ZL7qzG3tgSz3f+kZug5paijhqanLlVgf8eaaaVPgiD+RxVG5Y5eo5iGM E142PKhX+vhwLExq
y78wp0wW5DJc+BKwUfgWV40vtE36LqiU6Cph1FcNR85uLC9+mGfMAAirtpYW NcKFkeVboArHZlJi
82F1lReuvCpWKaXgK1MCAwEAAaMvMC0wHQYDVR0OBBYEFGycpfBcj21BjcQX O5BXwg+jzW3+MAwG
A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAr3FE+ZcjzGhpjEMHQbqI ILMiAEHImKBVHM0/
brGTXK36GJq7HHNv/SRCj4efUc++hp/p14pITwjZaZSsP+YPLZcPKJN2T2Lf /6DNYfimhgwxNCDc
fy+o+zm+le44WQJiwd5sFU/g35275HlzJP1jZJX3SqiZH0hllcd7v3gy53ow ggP0MIIDXaADAgEC
AgMZ8dMwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCVVMxGDAWBgNVBAoT D1UuUy4gR292ZXJu
bWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxGjAYBgNVBAMTEURP RCBDTEFTUyAzIENB
LTEwMB4XDTA1MTAxMTAwMDAwMFoXDTA4MTAwMzIzNTk1OVowgYIxCzAJBgNV BAYTAlVTMRgwFgYD
VQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEMMAoGA1UECxMD UEtJMRMwEQYDVQQL
EwpDT05UUkFDVE9SMSgwJgYDVQQDEx9WSUNUT1IuRFdJR0hULlBISUxJUC4x MjY4NzczMTA2MIGf
MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCGtatc27IN+5VIX07ErsMMt88n 7NsRUQj6dItWA6c4
RFU+rcLdfByywAr4DWTMFFMYkL0CGmmdOTaZA8W4jWt3X++7elikr4LWmmoU v0/WqY7Bye3w0Dwc
y0WwLKi5Uy8PCqdfN2/kaPpLFWln27ACPi/V5Zdlt2kX4YQHNSrp2QIDAQAB o4IBmDCCAZQwDgYD
VR0PAQH/BAQDAgbAMB8GA1UdIwQYMBaAFDUnGjCMHk2mYHu3LTpGLkupLysw MB0GA1UdDgQWBBR4
N9gb8hTWkNf4y/Zs9AZ2rwAKLjAWBgNVHSAEDzANMAsGCWCGSAFlAgELCTB9 BgNVHRIEdjB0hnJs
ZGFwOi8vZHMtNC5jM3BraS5kZW4uZGlzYS5taWwvY24lM2RET0QlMjBDTEFT UyUyMDMlMjBDQS0x
MCUyY291JTNkUEtJJTJjb3UlM2REb0QlMmNvJTNkVS5TLiUyMEdvdmVybm1l bnQlMmNjJTNkVVMw
gaoGA1UdHwSBojCBnzCBnKCBmaCBloaBk2xkYXA6Ly9kcy00LmMzcGtpLmRl bi5kaXNhLm1pbC9j
biUzZERPRCUyMENMQVNTJTIwMyUyMENBLTEwJTJjb3UlM2RQS0klMmNvdSUz ZERvRCUyY28lM2RV
LlMuJTIwR292ZXJubWVudCUyY2MlM2RVUz9jZXJ0aWZpY2F0ZXJldm9jYXRp b25saXN0O2JpbmFy
eTANBgkqhkiG9w0BAQUFAAOBgQARGOMmXEyNRvTInT4IdnavBhh7siT2sCMt I/TlRuqO93rj5/ji
yS0xPTMwElZFjqU2vnIECjHs3fb0/thZ82URriwaK7LWNnLl+ZH5fqRFHDM0 78Li3iMxTUKb9dnS
YlcFuyQ+A+YOTG+Dp3rRP6xqDGN3C2iqMwteIvHr/vjtfDCCBBYwggN/oAMC AQICAScwDQYJKoZI
hvcNAQEFBQAwYTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJu bWVudDEMMAoGA1UE
CxMDRG9EMQwwCgYDVQQLEwNQS0kxHDAaBgNVBAMTE0RvRCBDTEFTUyAzIFJv b3QgQ0EwHhcNMDMw
NjEwMDk1MjQxWhcNMDkwNjA4MDk1MjQxWjBfMQswCQYDVQQGEwJVUzEYMBYG A1UEChMPVS5TLiBH
b3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxDDAKBgNVBAsTA1BLSTEaMBgGA1UE AxMRRE9EIENMQVNT
IDMgQ0EtMTAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIl3jnkfyFSw DCl+lkhsALfMk7iX
sxSPtUc0tdqvf3lglnpXHWV/3kSMTNwWXHJ09SK+Zw0+k29h0sVkWR02CmTj au1sZRhh2+m5naAA
yHdgIOebAYHff5BJnzdXSnhlJ+kjaQchGe6gTVKVUr1yG5ocHAUOnghgFkPZ 8RW5PWlTAgMBAAGj
ggHeMIIB2jAdBgNVHQ4EFgQUNScaMIweTaZge7ctOkYuS6kvKzAwDgYDVR0P AQH/BAQDAgGGMA8G
A1UdEwEB/wQFMAMBAf8wDAYDVR0kBAUwA4ABADAfBgNVHSMEGDAWgBRsnKXw XI9tQY3EFzuQV8IP
o81t/jAwBgNVHSAEKTAnMAsGCWCGSAFlAgELBTALBglghkgBZQIBCwkwCwYJ YIZIAWUCAQsKMIGD
BgNVHRIEfDB6hnhsZGFwOi8vZHMtMy5jM3BraS5jaGFtYi5kaXNhLm1pbC9j biUzZERvRCUyMENM
QVNTJTIwMyUyMFJvb3QlMjBDQSUyY291JTNkUEtJJTJjb3UlM2REb0QlMmNv JTNkVS5TLiUyMEdv
dmVybm1lbnQlMmNjJTNkVVMwgbAGA1UdHwSBqDCBpTCBoqCBn6CBnIaBmWxk YXA6Ly9kcy0zLmMz
cGtpLmNoYW1iLmRpc2EubWlsL2NuJTNkRG9EJTIwQ0xBU1MlMjAzJTIwUm9v dCUyMENBJTJjb3Ul
M2RQS0klMmNvdSUzZERvRCUyY28lM2RVLlMuJTIwR292ZXJubWVudCUyY2Ml M2RVUz9jZXJ0aWZp
Y2F0ZXJldm9jYXRpb25saXN0O2JpbmFyeTANBgkqhkiG9w0BAQUFAAOBgQCm m1CSI3PtF0ENNidT
1nOG6KTVqh3340GqVusqwmwA/gUU0Ny7gmf4aMq02NiX5E7h/CTrSaLI1EcK woDdwoPLOWd0huSU
LhrKGxHTsM3AxR8OcdOGO8dVbbNJv2iP0iNb7VaXvJ3XSQEbl3sPVP6Gy8Rl 9TmFFrho7P0V+7Ot
aTCCBBwwggOFoAMCAQICASgwDQYJKoZIhvcNAQEFBQAwYTELMAkGA1UEBhMC VVMxGDAWBgNVBAoT
D1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kx HDAaBgNVBAMTE0Rv
RCBDTEFTUyAzIFJvb3QgQ0EwHhcNMDMwNjEwMDk1NTAxWhcNMDkwNjA4MDk1 NTAxWjBlMQswCQYD
VQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNE b0QxDDAKBgNVBAsT
A1BLSTEgMB4GA1UEAxMXRE9EIENMQVNTIDMgRU1BSUwgQ0EtMTAwgZ8wDQYJ KoZIhvcNAQEBBQAD
gY0AMIGJAoGBANQhe2pVqqwwtYkLXpPlJBxR3fip5SMYdRFf25JmURt8Zb1+ KhM6CCOWxBmPJg3E
R/L5rPtSRFuuco6M+lSHDfKnRKepJFBUfSieHPeBCtvh35PSvjDKXEQMf5G+ fmMcYL/HbHbDPrKx
UHx5SprkxqQKolLXpLcvbqlDu8565vBpAgMBAAGjggHeMIIB2jAdBgNVHQ4E FgQUbzcjpNMg6/QM
P2CfeUwLchDSPJcwDgYDVR0PAQH/BAQDAgGGMA8GA1UdEwEB/wQFMAMBAf8w DAYDVR0kBAUwA4AB
ADAfBgNVHSMEGDAWgBRsnKXwXI9tQY3EFzuQV8IPo81t/jAwBgNVHSAEKTAn MAsGCWCGSAFlAgEL
BTALBglghkgBZQIBCwkwCwYJYIZIAWUCAQsKMIGDBgNVHRIEfDB6hnhsZGFw Oi8vZHMtMy5jM3Br
aS5jaGFtYi5kaXNhLm1pbC9jbiUzZERvRCUyMENMQVNTJTIwMyUyMFJvb3Ql MjBDQSUyY291JTNk
UEtJJTJjb3UlM2REb0QlMmNvJTNkVS5TLiUyMEdvdmVybm1lbnQlMmNjJTNk VVMwgbAGA1UdHwSB
qDCBpTCBoqCBn6CBnIaBmWxkYXA6Ly9kcy0zLmMzcGtpLmNoYW1iLmRpc2Eu bWlsL2NuJTNkRG9E
JTIwQ0xBU1MlMjAzJTIwUm9vdCUyMENBJTJjb3UlM2RQS0klMmNvdSUzZERv RCUyY28lM2RVLlMu
JTIwR292ZXJubWVudCUyY2MlM2RVUz9jZXJ0aWZpY2F0ZXJldm9jYXRpb25s aXN0O2JpbmFyeTAN
BgkqhkiG9w0BAQUFAAOBgQCnZVmnmbJyuKSZpTUKwp7gCLe3akj225PQOrhH x0gt64LH2fvDEwhC
riHO8jRGIyDdRCQiDpPe9u2Y/xK/wvIUWDUBPML/m+OwGODiuTF81N8egB7O tG+iq2sa2oU+97oi
1rYIFj4djZnvWz49FG9q5FTodfD1Yphd3hfJ6Y+DCTCCBEEwggOqoAMCAQIC Ax/mxDANBgkqhkiG
9w0BAQUFADBlMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5t ZW50MQwwCgYDVQQL
EwNEb0QxDDAKBgNVBAsTA1BLSTEgMB4GA1UEAxMXRE9EIENMQVNTIDMgRU1B SUwgQ0EtMTAwHhcN
MDUxMDExMDAwMDAwWhcNMDgxMDAzMjM1OTU5WjCBgjELMAkGA1UEBhMCVVMx GDAWBgNVBAoTD1Uu
Uy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQwwCgYDVQQLEwNQS0kxEzAR BgNVBAsTCkNPTlRS
QUNUT1IxKDAmBgNVBAMTH1ZJQ1RPUi5EV0lHSFQuUEhJTElQLjEyNjg3NzMx MDYwgZ8wDQYJKoZI
hvcNAQEBBQADgY0AMIGJAoGBAK+HFyjqsB3OI0A8uLG3w9mg0cgzxa94OPJG tVK9SoFxMlwnSHcx
mobboTnCNHKOXmkN6MT8bPp8Omeppf0zHTzSzcacwv/EkPz4Zk20IDwceo2R evXy01u7U3777ZtW
1EzLrjAL6mY6oD2KXZG45OpJDjg4oNGbpo2k2WPTIP3bAgMBAAGjggHfMIIB 2zAOBgNVHQ8BAf8E
BAMCBSAwJQYDVR0RBB4wHIEaZHdpZ2h0LnZpY3Rvci5jdHJAZGlzYS5taWww HwYDVR0jBBgwFoAU
bzcjpNMg6/QMP2CfeUwLchDSPJcwHQYDVR0OBBYEFJGhNIbyEnLXIMahd22+ LZAQg6FOMBYGA1Ud
IAQPMA0wCwYJYIZIAWUCAQsJMIGOBgNVHRIEgYYwgYOGgYBsZGFwOi8vZW1h aWwtZHMtNC5jM3Br
aS5kZW4uZGlzYS5taWwvY24lM2RET0QlMjBDTEFTUyUyMDMlMjBFTUFJTCUy MENBLTEwJTJjb3Ul
M2RQS0klMmNvdSUzZERvRCUyY28lM2RVLlMuJTIwR292ZXJubWVudCUyY2Ml M2RVUzCBuAYDVR0f
BIGwMIGtMIGqoIGnoIGkhoGhbGRhcDovL2VtYWlsLWRzLTQuYzNwa2kuZGVu LmRpc2EubWlsL2Nu
JTNkRE9EJTIwQ0xBU1MlMjAzJTIwRU1BSUwlMjBDQS0xMCUyY291JTNkUEtJ JTJjb3UlM2REb0Ql
MmNvJTNkVS5TLiUyMEdvdmVybm1lbnQlMmNjJTNkVVM/Y2VydGlmaWNhdGVy ZXZvY2F0aW9ubGlz
dDtiaW5hcnkwDQYJKoZIhvcNAQEFBQADgYEARRvrfgpwfPSmQh57wvP0Udjh VXud5CkqhR9jechp
Suv6zI81K5RazYSm3BZSGdKr7gbcpyYobSDRgYdI16VUqCnEHuuAB8+BqGmA vQ/5cj+XNnjdko41
ZCWsPVPDZ1h1FDH9xiVOSX5fbLJFIobWiLbcxdGtofPOGxSpA/oKNF0xggLS MIICzgIBATBmMF8x
CzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNV BAsTA0RvRDEMMAoG
A1UECxMDUEtJMRowGAYDVQQDExFET0QgQ0xBU1MgMyBDQS0xMAIDGfHTMAkG BSsOAwIaBQCgggHC
MBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTA3 MDgyMDE4MjY0MFow
IwYJKoZIhvcNAQkEMRYEFIzUJFGELQSklTBAzIdhtWoheCFkMGcGCSqGSIb3 DQEJDzFaMFgwCgYI
KoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMA0GCCqGSIb3DQMCAgFAMAcGBSsO AwIHMA0GCCqGSIb3
DQMCAgEoMAcGBSsOAwIaMAoGCCqGSIb3DQIFMHsGCSsGAQQBgjcQBDFuMGww ZTELMAkGA1UEBhMC
VVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMQww CgYDVQQLEwNQS0kx
IDAeBgNVBAMTF0RPRCBDTEFTUyAzIEVNQUlMIENBLTEwAgMf5sQwfQYLKoZI hvcNAQkQAgsxbqBs
MGUxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAK BgNVBAsTA0RvRDEM
MAoGA1UECxMDUEtJMSAwHgYDVQQDExdET0QgQ0xBU1MgMyBFTUFJTCBDQS0x MAIDH+bEMA0GCSqG
SIb3DQEBAQUABIGAe5xyYYGsfJ6+NkGPnbTwn2b2a9xwNz9z0AGg8K2vYiVj 5JE2vFlvQADNFVHp
WLOhrmG/M82EMwJJpgaINJTnHJuTxT11UIVQ0RR7DylUHKpYhT6xHUxuDoVG XppqC9j3yEj+grpk
NZm8p6uTaOdNer39Z8qOwvt6yfAYRwPMVSIAAAAAAAA=

------=_NextPart_000_0046_01C7E303.D56D5DF0--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org