logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Problem with virtual host sites served under http and https
Author
GoofyX



Joined: 13 Jan 2020
Posts: 6
Location: Greece

PostPosted: Sat 18 Sep '21 11:56    Post subject: Problem with virtual host sites served under http and https Reply with quote

Environment: Debian 10, Apache 2.4.38.

The server serves a number of sites (virtual hosts) under HTTPS and plain HTTP. The problem is that if you request a site that is served only in port 80 using https in front of the hostname, you get the first HTTPS site that is configured. Example:

http://site1 (port 80 only)
http(s)://site2 (port 80 and 443, when you hit http://site2 you get redirected to its https version)
http(s)://site3 (port 80, 443, same as site2)
etc...

My problem is when you request site1 using https://site1, while the url remains as is, you get site2 and a browser security warning, since the certificate for site2 does not match the actual url.

Can this be fixed? I don't want site1 to be served at all when requested with https.
Back to top
tangent
Moderator


Joined: 16 Aug 2020
Posts: 305
Location: UK

PostPosted: Mon 20 Sep '21 0:17    Post subject: Reply with quote

You say you don't have a secure virtual host definition for site1, so according to https://httpd.apache.org/docs/2.4/mod/core.html#virtualhost
    If no matching name-based virtual host is found, then the first listed virtual host that matched the IP address will be used.
If site2 is your first secure virtual host, that will pick up site1 secure requests, and hence you get the certificate challenge.

If you really don't want to serve site1 over https, with its own virtual host and certificate, then could you add https://site1 to the https://site2 certificate as a Subject Alternate Name (SAN) entry, and then in the site2 virtual host redirect https://site1 requests to http://site1, e.g.
Code:
RewriteEngine on
RewriteCond %{HTTPS} on
RewriteCond %{HTTP_HOST} =site1 [NC]
RewriteRule ^/(.*)$ http://%{HTTP_HOST}/$1 [L,NE,R=302]

You might also need to add a ServerAlias for site1 to the site2 virtual host.
Back to top
GoofyX



Joined: 13 Jan 2020
Posts: 6
Location: Greece

PostPosted: Sat 25 Sep '21 21:11    Post subject: Reply with quote

I didn't realize you replied, I got no notification from the forum software.

I will try your suggestion, it seems to be correct and let you know.

Thanks!
Back to top


Reply to topic   Topic: Problem with virtual host sites served under http and https View previous topic :: View next topic
Post new topic   Forum Index -> Apache