logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: SNI not works on apache 2.4 ?
Author
olan75



Joined: 28 May 2019
Posts: 2
Location: Naples

PostPosted: Tue 28 May '19 11:44    Post subject: SNI not works on apache 2.4 ? Reply with quote

Hi all, I am using apache lounge on my server windows server 2008 r2 ,

i have made migration from apache 2.2 (x86) to apache 2.4 (x64) because i need to use php 5.6.20 not supported for apache 2.2 and now I have a problem with SNI,

SNI for apache 2.4 doesnt'works, it returns the ssl certificate of first virtualhost for all'virtual hosts whit ssl definition, i need help please,

I have the same problem with both vc15 and vc14

with apache 2.2 it was enough for me to insert the directives:
NameVirtualHost *: 443
SSLStrictSNIVHostCheck on

that SNI has started to work, while with the 2.4 the NameVirtualHost directive must be eliminated, however with the only SSLStrictSNIVHostCheck on directive with the 2.4 version, SNI does not work.

maybe on the 2.4 I have to activate some different module than the 2.2?

Thanks in advance!

right now I'm stuck at 2.2 of apache

How can I do, thank you very much.

this are two of my virtualhosts
Code:


<virtualhost *:443>   
  ServerName www.mandorlebio.it 
  ServerAlias *mandorlebio.it
  JkMount /* worker_4473
     
  SSLEngine on
 SSLCertificateKeyFile conf/ssl/www.mandorlebio.it/www_mandorlebio_it.private.key
  SSLCertificateFile conf/ssl/www.mandorlebio.it/www_mandorlebio_it.crt
  SSLCertificateChainFile conf/ssl/www.mandorlebio.it/www_mandorlebio_it.ca-bundle
   
</virtualhost>



<virtualhost *:443> 
  ServerName www.ciclosportservice.it 
  ServerAlias *ciclosportservice.it
  JkMount /* worker_2228       

  SSLEngine on
  # il file www.dponetwork.it.private.key     viene scaricato insieme al csr
  SSLCertificateKeyFile conf/ssl/www.ciclosportservice.it/www_ciclosportservice_it.private.key
  SSLCertificateFile conf/ssl/www.ciclosportservice.it/www_ciclosportservice_it.crt
  SSLCertificateChainFile conf/ssl/www.ciclosportservice.it/www_ciclosportservice_it.ca-bundle 
 

  DocumentRoot "G:/Apache2.2_docs/htdocs/vhosts/ciclosportservice.it"   
   <Directory "G:/Apache2.2_docs/htdocs/vhosts/ciclosportservice.it/">
                     
      Require all granted   
        Options -Indexes
   </Directory>
  Alias /httpdoc "G:/Apache2.2_docs/htdocs/vhosts/ciclosportservice.it"       
 
  #esclude la directory /httpdocs dal JkMount
  SetEnvIf Request_URI "/httpdoc/*" no-jk     
 
</virtualhost>

Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7288
Location: Germany, Next to Hamburg

PostPosted: Mon 03 Jun '19 12:54    Post subject: Reply with quote

if you run in cmd

/path/to/httpd.exe -S

what do you get?
Back to top
olan75



Joined: 28 May 2019
Posts: 2
Location: Naples

PostPosted: Thu 06 Jun '19 11:08    Post subject: Reply with quote

James Blond wrote:
if you run in cmd

/path/to/httpd.exe -S

what do you get?



I state that I am testing SNI for Apache 2.4 using port 81 for http and 444 for https (because on the same server is also active for production Apache 2.2 on ports 80 and 443 with SNI functioning correctly) however if I stop Apache 2.2 and start Apache 2.4 on ports ports 80 and 443 I have exactly the same problem therefore it is excluded that it depends on the doors used.

this is the otutput of the command you suggested to me:
Code:

C:\Program Files\Apache Software Foundation\Apache24\bin>httpd -S
VirtualHost configuration:
*:81                   is a NameVirtualHost
         default server localhost (C:/Program Files/Apache Software Foundation/A
pache24/conf/httpd.conf:634)
         port 81 namevhost localhost (C:/Program Files/Apache Software Foundatio
n/Apache24/conf/httpd.conf:634)
         port 81 namevhost www.management.igmtouch.it (C:/Program Files/Apache S
oftware Foundation/Apache24/conf/virtual-hosts-conf/management.igmtouch.it.conf:
1)
                 alias management.igmtouch.it
         port 81 namevhost www.ciclosportservice.it (C:/Program Files/Apache Sof
tware Foundation/Apache24/conf/virtual-hosts-conf/ciclosportservice.it.conf:17)
                 wild alias *ciclosportservice.it
*:444                  is a NameVirtualHost
         default server www.management.igmtouch.it (C:/Program Files/Apache Soft
ware Foundation/Apache24/conf/virtual-hosts-conf/management.igmtouch.it.conf:48)

         port 444 namevhost www.management.igmtouch.it (C:/Program Files/Apache
Software Foundation/Apache24/conf/virtual-hosts-conf/management.igmtouch.it.conf
:48)
                 wild alias *management.igmtouch.it
         port 444 namevhost www.ciclosportservice.it (C:/Program Files/Apache So
ftware Foundation/Apache24/conf/virtual-hosts-conf/ciclosportservice.it.conf:28)

                 wild alias *ciclosportservice.it
ServerRoot: "C:/Program Files/Apache Software Foundation/Apache24"
Main DocumentRoot: "C:/Program Files/Apache Software Foundation/Apache24/htdocs"

Main ErrorLog: "C:/Program Files/Apache Software Foundation/Apache24/logs/ssl_en
gine.log"
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="C:/Program Files/Apache Software Foundation/Apache24/logs/"
mechanism=default
PidFile: "C:/Program Files/Apache Software Foundation/Apache24/logs/httpd.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
Define: SRVROOT=c:/PROGRA~1/APACHE~1/Apache24
Define: HTTPp=81
Define: HTTPSp=444
Define: MODSEC_2.5
Define: MODSEC_2.8

Thanks in advance
Back to top


Reply to topic   Topic: SNI not works on apache 2.4 ? View previous topic :: View next topic
Post new topic   Forum Index -> Apache