|
Problem(Abstract) |
IP-Based Virtual Hosting must be used if configuring
multiple SSL Virtual Hosts |
|
|
|
Resolving the
problem |
IP-Based Virtual Hosting must be used if configuring
multiple SSL Virtual Hosts.
- IP-Based virtual hosting
Each VirtualHost stanza is configured with a different IP address.
The SSLServerCert directive must also be used if configuring multiple SSL
Virtual Hosts.
- Name-Based virtual hosting
Each VirtualHost stanza is configured with the same IP address. This
also requires the use of a NameVirtualHost directive.
Chapter 6 of the Redbook, IBM
HTTP Server Powered by Apache on RS/6000, 6.4.9 SSL and Virtual Hosts:
"Running multiple virtual hosts that support SSL can be done with the
IBM HTTP Server by defining "IP-based" virtual hosts. The certificate is
specified with the SSLServerCert directive."
The following example defines two Web sites in the same
httpd.conf file. This requires four VirtualHost containers to be
defined for this to work:
<VirtualHost 1.2.3.4>
ServerName www.CompanyA.com
ServerAdmin webmaster@CompanyA.com
DocumentRoot /www/html/CompanyA
ErrorLog /www/logs/CompanyA/error_log
TransferLog /www/logs/CompanyA/access_log
</VirtualHost>
<VirtualHost 1.2.3.5>
ServerName www.CompanyB.com
ServerAdmin webmaster@CompanyB.com
DocumentRoot /www/html/CompanyB
ErrorLog /www/logs/CompanyB/error_log
TransferLog /www/logs/CompanyB/access_log
</VirtualHost>
<VirtualHost 1.2.3.4:443>
SSLEnable
SSLClientAuth none
SSLServerCert Company A
ServerName www.CompanyA.com
ServerAdmin webmaster@CompanyA.com
DocumentRoot /www/html/CompanyA
ErrorLog /www/logs/CompanyA/error_log
TransferLog /www/logs/CompanyA/access_log
</VirtualHost>
<VirtualHost 1.2.3.5:443>
SSLEnable
SSLClientAuth none
SSLServerCert Company B
ServerName www.CompanyB.com
ServerAdmin webmaster@CompanyB.com
DocumentRoot /www/html/CompanyB
ErrorLog /www/logs/CompanyB/error_log
TransferLog /www/logs/CompanyB/access_log
</VirtualHost>
SSLDisable
Keyfile /usr/lpp/HTTPServer/keys/Keyfile.kdb
SSLV2Timeout 100
SSLV3Timeout 1000 |
Note: The SSLServerCert specifies the certificate label to be used
for a specific virtual host. |
|
|
|
|
|
|