Full Version: Httpsdocs in subdomain
I have a wildcard cert on my server and thats works fine. when i go to a subdomain via https it pulls from the main domains httpsdocs folder, how do i create one for each individual domain and have it pull files from that folder. Each subdomain has different content so pulling from the main domains folder wont work.
I know the best way is to create a vhost.conf file but how do I do that. Someone give me a hand here.
QUOTE (Tonyurso)
I know the best way is to create a vhost.conf file but how do I do that. Someone give me a hand here.
well to use an include first you have to include it in the httpd.conf
CODE
Include /etc/httpd/conf/httpd.include.domain
then you have to have the conf file in that location
CODE
ServerAlias domain.com
<VirtualHost xx.xx.xx.xx:80>
ServerName domain.com:80
ServerAlias www.domain.com
UseCanonicalName Off
ServerAdmin "admin@domain.com"
DocumentRoot /home/httpd/vhosts/domain.com/httpdocs
CustomLog /home/httpd/vhosts/domain.com/statistics/logs/access_log
ErrorLog /home/httpd/vhosts/domain.com/statistics/logs/error_log
<Directory /home/httpd/vhosts/twinlakes-rvresort.com/httpdocs>
<IfModule sapi_apache2.c>
php_admin_flag engine on
php_admin_value open_basedir "/home/httpd/vhosts/domain.com/httpdocs:/tmp"
</IfModule>
</VirtualHost>
<VirtualHost xx.xx.xx.xx:80>
ServerName domain.com:80
ServerAlias www.domain.com
UseCanonicalName Off
ServerAdmin "admin@domain.com"
DocumentRoot /home/httpd/vhosts/domain.com/httpdocs
CustomLog /home/httpd/vhosts/domain.com/statistics/logs/access_log
ErrorLog /home/httpd/vhosts/domain.com/statistics/logs/error_log
<Directory /home/httpd/vhosts/twinlakes-rvresort.com/httpdocs>
<IfModule sapi_apache2.c>
php_admin_flag engine on
php_admin_value open_basedir "/home/httpd/vhosts/domain.com/httpdocs:/tmp"
</IfModule>
</VirtualHost>
somthing like that
QUOTE
when i go to a subdomain via https it pulls from the main domains httpsdocs folder, how do i create one for each individual domain and have it pull files from that folder
As far as I know, you can't have name-based virtual hosting with SSL, i.e. you can't have multiple SSL hosts on one IP address. You are required to have a separate IP address for each SSL host (i.e., a separate IP address for each your subdomain).
Now, if you have a separate IP address for each individual subdomain: let's say, you have one.domain.com resolving to 1.1.1.1 and two.domain.com resolving to 2.2.2.2, you need a VirtualHost record for each of them like this:
CODE
<VirtualHost 1.1.1.1:443>
DocumentRoot /path/to/httpdocs/one.domain.com
ServerName one.domain.com
SSLEngine On
SSLCertificateFile /path/to/wildcard/certificate/file
SSLCertificateKeyFile /path/to/wildcard/key/file
</VirtualHost>
<VirtualHost 2.2.2.2:443>
DocumentRoot /path/to/httpdocs/two.domain.com
ServerName two.domain.com
SSLEngine On
SSLCertificateFile /path/to/wildcard/certificate/file
SSLCertificateKeyFile /path/to/wildcard/key/file
</VirtualHost>
DocumentRoot /path/to/httpdocs/one.domain.com
ServerName one.domain.com
SSLEngine On
SSLCertificateFile /path/to/wildcard/certificate/file
SSLCertificateKeyFile /path/to/wildcard/key/file
</VirtualHost>
<VirtualHost 2.2.2.2:443>
DocumentRoot /path/to/httpdocs/two.domain.com
ServerName two.domain.com
SSLEngine On
SSLCertificateFile /path/to/wildcard/certificate/file
SSLCertificateKeyFile /path/to/wildcard/key/file
</VirtualHost>
you can do name based SSL hosting without a problem. how do you think plesk does it 
QUOTE (Gary Simat)
you can do name based SSL hosting without a problem. how do you think plesk does it
Can you explain how Plesk does it?
QUOTE
Why is it not possible to use Name-Based Virtual Hosting to identify different SSL virtual hosts?
Name-Based Virtual Hosting is a very popular method of identifying different virtual hosts. It allows you to use the same IP address and the same port number for many different sites. When people move on to SSL, it seems natural to assume that the same method can be used to have lots of different SSL virtual hosts on the same server.
It comes as rather a shock to learn that it is impossible.
The reason is that the SSL protocol is a separate layer which encapsulates the HTTP protocol. So the SSL session is a separate transaction, that takes place before the HTTP session has begun. The server receives an SSL request on IP address X and port Y (usually 443). Since the SSL request does not contain any Host: field, the server has no way to decide which SSL virtual host to use. Usually, it will just use the first one it finds, which matches the port and IP address specified.
You can, of course, use Name-Based Virtual Hosting to identify many non-SSL virtual hosts (all on port 80, for example) and then have a single SSL virtual host (on port 443). But if you do this, you must make sure to put the non-SSL port number on the NameVirtualHost directive, e.g.
Other workaround solutions include:
Using separate IP addresses for different SSL hosts. Using different port numbers for different SSL hosts.
Name-Based Virtual Hosting is a very popular method of identifying different virtual hosts. It allows you to use the same IP address and the same port number for many different sites. When people move on to SSL, it seems natural to assume that the same method can be used to have lots of different SSL virtual hosts on the same server.
It comes as rather a shock to learn that it is impossible.
The reason is that the SSL protocol is a separate layer which encapsulates the HTTP protocol. So the SSL session is a separate transaction, that takes place before the HTTP session has begun. The server receives an SSL request on IP address X and port Y (usually 443). Since the SSL request does not contain any Host: field, the server has no way to decide which SSL virtual host to use. Usually, it will just use the first one it finds, which matches the port and IP address specified.
You can, of course, use Name-Based Virtual Hosting to identify many non-SSL virtual hosts (all on port 80, for example) and then have a single SSL virtual host (on port 443). But if you do this, you must make sure to put the non-SSL port number on the NameVirtualHost directive, e.g.
CODE
NameVirtualHost 192.168.1.1:80
Other workaround solutions include:
Using separate IP addresses for different SSL hosts. Using different port numbers for different SSL hosts.
ive never studied it in depth nor do i have the time to, but it does it...
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.