LINUX.IE, website of the Irish Linux Users' Group
Tux rules!

   
Home
New Users
Articles
Download
Projects
Community
Vendors

  Print Version
Email to...
 
Archives:


planetILUG

Recent News

News Archive


Join the
ILUG
on FaceBook


Join the
ILUG
on LinkedIn


Join the
ILUG SETI
Group



















 
 :: Mailing Lists

[ILUG] ssl and virtual hosts problem

[ILUG] ssl and virtual hosts problem

Andy Morrow andy.morrow at jinny.ie
Fri Jul 16 16:17:24 IST 2004 

hi all,

trying to configure ssl stuff as per the following,

have setup ssl client certs, all working fine, httpd.conf and ssl.conf all
fine,

problem is when i want to bypass this ssl require cert stuff


i want all external traffic to http://s.a.ie to be redircted to
https://s.a.ie
but i want internal ip's to be able to view the site normally without having
to install a client cert.

linux box has internal and external ip's

and below are the virtual hosts parts from the 2 .conf files


the problem is that it will do the redirect ok, but i call access the
machine's url internally ( http://192.168.2.29) or by unsecure site (
http://s.a.ie ), i just get "page cannot be displayed" message
the logs dont seem to be a lot of help either!!

thanks for any help



############################httpd.conf############

servername [external-ip]


NameVirtualHost 192.168.2.29:80

<VirtualHost 192.168.2.29:80>
        ServerAdmin root at jinny.ie
        DocumentRoot /var/www/html/
        DirectoryIndex test.php
        ServerName s.a.ie
        redirect / https://s.a.ie/
        ErrorLog logs/www_error_log
</VirtualHost>


###########################ssl.conf################
NameVirtualHost 192.168.2.29:443


<VirtualHost 192.168.2.29:443>
        ServerAdmin root at jinny.ie
        DocumentRoot /var/www/html/
        DirectoryIndex test2.php
        ServerName s.a.ie
        ErrorLog logs/ssl_error_log
        TransferLog /etc/httpd/logs/ssl_access_log
        SSLEngine On
        SSLCertificateFile /etc/httpd/conf/ssl.crt/cert.pem
        SSLCertificateKeyFile /etc/httpd/conf/ssl.key/key.pem
        <Files ~ "\.(cgi|shtml|php)$">
         SSLOptions +StdEnvVars
        </Files>
        <Directory "/var/www/cgi-bin">
         SSLOptions +StdEnvVars
        </Directory>
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
        CustomLog /etc/httpd/logs/ssl_request_log \
         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
        SSLVerifyClient require
        SSLVerifyDepth 2
        CustomLog logs/ssl_access_log common

	SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
	SSLCACertificatePath /etc/httpd/conf/sslcerts/cert
	SSLCACertificateFile /etc/httpd/conf/sslcerts/cert/ca.crt
</VirtualHost>

More information about the ILUG mailing list
Read this without the formatting.
                                                                                                    

  

Hosted by HEAnet


 Maintained by the ILUG website team. The aim of Linux.ie is to support and help commercial and private users of Linux in Ireland. You can display ILUG news in your own webpages, read backend information to find out how. Networking services kindly provided by HEAnet, server kindly donated by Dell. Linux is a trademark of Linus Torvalds, used with permission. No penguins were harmed in the production or maintenance of this highly praised website. Looking for the Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
RSS Version
Powered by Dell