Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
Topic: SNI not works on apache 2.4 ? |
|
Author |
|
olan75
Joined: 28 May 2019 Posts: 2 Location: Naples
|
Posted: Tue 28 May '19 11:44 Post subject: SNI not works on apache 2.4 ? |
|
|
Hi all, I am using apache lounge on my server windows server 2008 r2 ,
i have made migration from apache 2.2 (x86) to apache 2.4 (x64) because i need to use php 5.6.20 not supported for apache 2.2 and now I have a problem with SNI,
SNI for apache 2.4 doesnt'works, it returns the ssl certificate of first virtualhost for all'virtual hosts whit ssl definition, i need help please,
I have the same problem with both vc15 and vc14
with apache 2.2 it was enough for me to insert the directives:
NameVirtualHost *: 443
SSLStrictSNIVHostCheck on
that SNI has started to work, while with the 2.4 the NameVirtualHost directive must be eliminated, however with the only SSLStrictSNIVHostCheck on directive with the 2.4 version, SNI does not work.
maybe on the 2.4 I have to activate some different module than the 2.2?
Thanks in advance!
right now I'm stuck at 2.2 of apache
How can I do, thank you very much.
this are two of my virtualhosts
Code: |
<virtualhost *:443>
ServerName www.mandorlebio.it
ServerAlias *mandorlebio.it
JkMount /* worker_4473
SSLEngine on
SSLCertificateKeyFile conf/ssl/www.mandorlebio.it/www_mandorlebio_it.private.key
SSLCertificateFile conf/ssl/www.mandorlebio.it/www_mandorlebio_it.crt
SSLCertificateChainFile conf/ssl/www.mandorlebio.it/www_mandorlebio_it.ca-bundle
</virtualhost>
<virtualhost *:443>
ServerName www.ciclosportservice.it
ServerAlias *ciclosportservice.it
JkMount /* worker_2228
SSLEngine on
# il file www.dponetwork.it.private.key viene scaricato insieme al csr
SSLCertificateKeyFile conf/ssl/www.ciclosportservice.it/www_ciclosportservice_it.private.key
SSLCertificateFile conf/ssl/www.ciclosportservice.it/www_ciclosportservice_it.crt
SSLCertificateChainFile conf/ssl/www.ciclosportservice.it/www_ciclosportservice_it.ca-bundle
DocumentRoot "G:/Apache2.2_docs/htdocs/vhosts/ciclosportservice.it"
<Directory "G:/Apache2.2_docs/htdocs/vhosts/ciclosportservice.it/">
Require all granted
Options -Indexes
</Directory>
Alias /httpdoc "G:/Apache2.2_docs/htdocs/vhosts/ciclosportservice.it"
#esclude la directory /httpdocs dal JkMount
SetEnvIf Request_URI "/httpdoc/*" no-jk
</virtualhost>
|
|
|
Back to top |
|
James Blond Moderator
Joined: 19 Jan 2006 Posts: 7288 Location: Germany, Next to Hamburg
|
Posted: Mon 03 Jun '19 12:54 Post subject: |
|
|
if you run in cmd
/path/to/httpd.exe -S
what do you get? |
|
Back to top |
|
olan75
Joined: 28 May 2019 Posts: 2 Location: Naples
|
Posted: Thu 06 Jun '19 11:08 Post subject: |
|
|
James Blond wrote: | if you run in cmd
/path/to/httpd.exe -S
what do you get? |
I state that I am testing SNI for Apache 2.4 using port 81 for http and 444 for https (because on the same server is also active for production Apache 2.2 on ports 80 and 443 with SNI functioning correctly) however if I stop Apache 2.2 and start Apache 2.4 on ports ports 80 and 443 I have exactly the same problem therefore it is excluded that it depends on the doors used.
this is the otutput of the command you suggested to me:
Code: |
C:\Program Files\Apache Software Foundation\Apache24\bin>httpd -S
VirtualHost configuration:
*:81 is a NameVirtualHost
default server localhost (C:/Program Files/Apache Software Foundation/A
pache24/conf/httpd.conf:634)
port 81 namevhost localhost (C:/Program Files/Apache Software Foundatio
n/Apache24/conf/httpd.conf:634)
port 81 namevhost www.management.igmtouch.it (C:/Program Files/Apache S
oftware Foundation/Apache24/conf/virtual-hosts-conf/management.igmtouch.it.conf:
1)
alias management.igmtouch.it
port 81 namevhost www.ciclosportservice.it (C:/Program Files/Apache Sof
tware Foundation/Apache24/conf/virtual-hosts-conf/ciclosportservice.it.conf:17)
wild alias *ciclosportservice.it
*:444 is a NameVirtualHost
default server www.management.igmtouch.it (C:/Program Files/Apache Soft
ware Foundation/Apache24/conf/virtual-hosts-conf/management.igmtouch.it.conf:48)
port 444 namevhost www.management.igmtouch.it (C:/Program Files/Apache
Software Foundation/Apache24/conf/virtual-hosts-conf/management.igmtouch.it.conf
:48)
wild alias *management.igmtouch.it
port 444 namevhost www.ciclosportservice.it (C:/Program Files/Apache So
ftware Foundation/Apache24/conf/virtual-hosts-conf/ciclosportservice.it.conf:28)
wild alias *ciclosportservice.it
ServerRoot: "C:/Program Files/Apache Software Foundation/Apache24"
Main DocumentRoot: "C:/Program Files/Apache Software Foundation/Apache24/htdocs"
Main ErrorLog: "C:/Program Files/Apache Software Foundation/Apache24/logs/ssl_en
gine.log"
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="C:/Program Files/Apache Software Foundation/Apache24/logs/"
mechanism=default
PidFile: "C:/Program Files/Apache Software Foundation/Apache24/logs/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
Define: SRVROOT=c:/PROGRA~1/APACHE~1/Apache24
Define: HTTPp=81
Define: HTTPSp=444
Define: MODSEC_2.5
Define: MODSEC_2.8
|
Thanks in advance |
|
Back to top |
|
|
|
|
|
|