IP-Based Virtual Hosting must be used if configuring multiple SSL Virtual Hosts
 Technote (troubleshooting)
 
Problem(Abstract)
IP-Based Virtual Hosting must be used if configuring multiple SSL Virtual Hosts
 
Resolving the problem
IP-Based Virtual Hosting must be used if configuring multiple SSL Virtual Hosts.
  • IP-Based virtual hosting
    Each VirtualHost stanza is configured with a different IP address. The SSLServerCert directive must also be used if configuring multiple SSL Virtual Hosts.

  • Name-Based virtual hosting
    Each VirtualHost stanza is configured with the same IP address. This also requires the use of a NameVirtualHost directive.

Chapter 6 of the Redbook, IBM HTTP Server Powered by Apache on RS/6000, 6.4.9 SSL and Virtual Hosts:

"Running multiple virtual hosts that support SSL can be done with the IBM HTTP Server by defining "IP-based" virtual hosts. The certificate is specified with the SSLServerCert directive."

The following example defines two Web sites in the same httpd.conf file. This requires four VirtualHost containers to be defined for this to work:

<VirtualHost 1.2.3.4>
ServerName www.CompanyA.com
ServerAdmin webmaster@CompanyA.com
DocumentRoot /www/html/CompanyA
ErrorLog /www/logs/CompanyA/error_log
TransferLog /www/logs/CompanyA/access_log
</VirtualHost>

<VirtualHost 1.2.3.5>
ServerName www.CompanyB.com
ServerAdmin webmaster@CompanyB.com
DocumentRoot /www/html/CompanyB
ErrorLog /www/logs/CompanyB/error_log
TransferLog /www/logs/CompanyB/access_log
</VirtualHost>

<VirtualHost 1.2.3.4:443>
SSLEnable
SSLClientAuth none
SSLServerCert Company A
ServerName www.CompanyA.com
ServerAdmin webmaster@CompanyA.com
DocumentRoot /www/html/CompanyA
ErrorLog /www/logs/CompanyA/error_log
TransferLog /www/logs/CompanyA/access_log
</VirtualHost>

<VirtualHost 1.2.3.5:443>
SSLEnable
SSLClientAuth none
SSLServerCert Company B
ServerName www.CompanyB.com
ServerAdmin webmaster@CompanyB.com
DocumentRoot /www/html/CompanyB
ErrorLog /www/logs/CompanyB/error_log
TransferLog /www/logs/CompanyB/access_log
</VirtualHost>

SSLDisable
Keyfile /usr/lpp/HTTPServer/keys/Keyfile.kdb
SSLV2Timeout 100
SSLV3Timeout 1000

Note: The SSLServerCert specifies the certificate label to be used for a specific virtual host.
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > IBM HTTP Server
Operating system(s): Windows
Software version: 6.0
Software edition:
Reference #: 1045922
IBM Group: Software Group
Modified date: Sep 16, 2004