logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 



Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



Using short hostname in local domain to access ssl vhosts

 
Post new topic   Reply to topic    Apache Forum Index -> Apache



View previous topic :: View next topic  
Author Message
ithoki



Joined: 25 Aug 2017
Posts: 3
Location: Germany

PostPosted: Fri 25 Aug '17 11:19    Post subject: Using short hostname in local domain to access ssl vhosts Reply with quote

Hi all,

using Apache 2.4.18 on Ubuntu 16.04.3 LTS

I need ssl protected vhosts in a local domain. For that we have a wildcard certificate for *.myprivatedomain.local
This is working when users type in the fqdn of the vhost ("site1.myprivatedomain.local") in their browser. Using the host name only, the browser complains about wrong certificate.

If I understand the manual correctly, apache uses the value from host: field in the http header of the requested site.

At first sight this seems logical, because "site1" is not enough info for apache to take the right certificate.

Long story, short question: is there a way to have apache looking for "site1.myprivatedomain.local" when in the header the host: "site1" is requested? Maybe some sort of force dns lookup?

If you need my configuration, please let me know.

Thank you very much for your help.


Alex
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 6264
Location: Germany, Next to Hamburg

PostPosted: Mon 28 Aug '17 23:08    Post subject: Reply with quote

if you use only name based vhosts it shouldn't be a problem.

like

Code:
<VirtualHost *:443>
    ServerName site1.myprivatedomain.local
Back to top
ithoki



Joined: 25 Aug 2017
Posts: 3
Location: Germany

PostPosted: Thu 31 Aug '17 9:38    Post subject: Reply with quote

Hi James,

thank you for your advice. Unfortunately it doesn't work. My browser complains that the certificate is for an other address...

Here is my config for the sake of completeness:

<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ws_h_local.cer
SSLCertificateChainFile /etc/ssl/certs/ws_h_local_CA.cer
SSLCertificateKeyFile /etc/ssl/private/ws_h_local.key

ServerAdmin webmaster@localhost
ServerName site1.myprivatedomain.local
ServerAlias site1
DocumentRoot /var/www/html/mediawiki

<Directory /var/www/html/mediawiki/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>


I will dig in more log infos... maybe I will find some hints...

Regards
Alex
Back to top
ithoki



Joined: 25 Aug 2017
Posts: 3
Location: Germany

PostPosted: Thu 31 Aug '17 15:29    Post subject: Reply with quote

Eventually I managed to get things work.

In the virtual host config file for http://site1 I added

Redirect "/" "https://site1.myprivatedomain.local/"

This works.

With kind regards


Alex
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache
Page 1 of 1