Author |
|
Rogart
Joined: 02 Dec 2021 Posts: 5 Location: Germany, Munich
|
Posted: Thu 02 Dec '21 19:51 Post subject: Configure Apache on Windows: 2 Domains, 2 SSL Certificates |
|
|
Hi there,
I've got a problem installing a secondary SSL-certificate (Letsencrypt) for a second domain on the same server:
First Domain: http://ppctip.com redirects correct to https://ppctip.com
Second Domain: http://magicmama.de works: https://magicmama.de redirects wrong to https://ppctip.com
I assume it's a problem with the configuration in the httpd-ssl.conf. I tried to configure both virtual hosts in this file, but I'm not sure if this is possible.
Here is some basic information:
Webserver: Apache-2.4.51
Operating System: Windows 10
Certificates generated with: win-acme
httpd-ssl.conf File:
Moved conf file to https://apaste.info/dUoB , see forum rules.
I can't find the right way, can you please help? |
|
Back to top |
|
Rogart
Joined: 02 Dec 2021 Posts: 5 Location: Germany, Munich
|
Posted: Thu 02 Dec '21 22:26 Post subject: |
|
|
The configuration of the V-Hosts shows as follows:
Code: | httpd.exe -t -D DUMP_VHOSTS |
I executed this command using "cmd" in the "bin" folder. Result:
Code: | VirtualHost configuration:
*:80 is a NameVirtualHost
default server ppctip.com (C:/Program Files/Apache/Apache-2.4.51/conf/extra/httpd-vhosts.conf:32)
port 80 namevhost ppctip.com (C:/Program Files/Apache/Apache-2.4.51/conf/extra/httpd-vhosts.conf:32)
alias www.ppctip.com
port 80 namevhost magicmama.de (C:/Program Files/Apache/Apache-2.4.51/conf/extra/httpd-vhosts.conf:41)
alias www.magicmama.de
*:443 is a NameVirtualHost
default server ppctip.com (C:/Program Files/Apache/Apache-2.4.51/conf/extra/httpd-ssl.conf:121)
port 443 namevhost ppctip.com (C:/Program Files/Apache/Apache-2.4.51/conf/extra/httpd-ssl.conf:121)
port 443 namevhost magicmama.de (C:/Program Files/Apache/Apache-2.4.51/conf/extra/httpd-ssl.conf:294) |
|
|
Back to top |
|
Rogart
Joined: 02 Dec 2021 Posts: 5 Location: Germany, Munich
|
|
Back to top |
|
James Blond Moderator
Joined: 19 Jan 2006 Posts: 7360 Location: Germany, Next to Hamburg
|
Posted: Fri 03 Dec '21 10:01 Post subject: |
|
|
I removed all the comments for a better overview
https://apaste.info/Ksbe
The SSL vhosts seem to be okay.
In your port 80 vhosts, there is no redirect to the correct SSL vhost.
Code: |
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
|
|
|
Back to top |
|
Rogart
Joined: 02 Dec 2021 Posts: 5 Location: Germany, Munich
|
Posted: Fri 03 Dec '21 11:54 Post subject: |
|
|
Thanks for your answer.
I inserted the code into the "httpd-vhosts.conf". Did I understand this correctly?
But it has no effect.
Current version of the httpd-vhosts.conf:
https://apaste.info/3MDJ |
|
Back to top |
|
tangent Moderator
Joined: 16 Aug 2020 Posts: 346 Location: UK
|
Posted: Fri 03 Dec '21 16:38 Post subject: |
|
|
James' redirects in your non-secure virtual hosts are perfectly valid.
However, if I go to your secure site https://magicmama.de, and look at the requests / responses, I don't see an explicit redirect to https://ppctip.com.
What I do see though, is content that specifically references https://ppctip.com, e.g.
Code: |
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>PPCtip is under construction</title>
<meta name="description" content="Amazon PPC automatisieren" />
<meta name="generator" content="Kostenloses Wartungsmodus-Plugin für WordPress">
<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto:400,900">
<link rel="stylesheet" href="https://ppctip.com/wp-content/plugins/under-construction-page/themes/css/bootstrap.min.css?v=3.89" type="text/css">
<link rel="stylesheet" href="https://ppctip.com/wp-content/plugins/under-construction-page/themes/css/common.css?v=3.89" type="text/css">
<link rel="stylesheet" href="https://ppctip.com/wp-content/plugins/under-construction-page/themes/under_construction/style.css?v=3.89" type="text/css">
<link rel="stylesheet" href="https://ppctip.com/wp-content/plugins/under-construction-page/themes/css/font-awesome.min.css?v=3.89" type="text/css">
<link rel="icon" sizes="128x128" href="https://ppctip.com/wp-content/plugins/under-construction-page/themes/images/favicon.png" />
</head> |
I presume your PHP code is common to both sites, so can you update your code so that all local requests are site relative, i.e.
Code: |
<link rel="stylesheet" href="/wp-content/plugins/under-construction-page/themes/css/bootstrap.min.css?v=3.89" type="text/css">
<link rel="stylesheet" href="/wp-content/plugins/under-construction-page/themes/css/common.css?v=3.89" type="text/css">
<link rel="stylesheet" href="/wp-content/plugins/under-construction-page/themes/under_construction/style.css?v=3.89" type="text/css">
<link rel="stylesheet" href="/wp-content/plugins/under-construction-page/themes/css/font-awesome.min.css?v=3.89" type="text/css">
<link rel="icon" sizes="128x128" href="/wp-content/plugins/under-construction-page/themes/images/favicon.png" /> |
Would this solve your 'redirect' problem? |
|
Back to top |
|
Rogart
Joined: 02 Dec 2021 Posts: 5 Location: Germany, Munich
|
Posted: Fri 03 Dec '21 19:23 Post subject: |
|
|
For testing I now removed the Wordpress CMS from ppctip.com and replaced it by a default index.php which shows only the PHP-parameters:
The same index.php is in the htdocs folder of magicmama.de.
Current results:
http://ppctip.com: Hostname:Port ppctip.com:0
https://ppctip.com: Hostname:Port ppctip.com:443
http://magicmama.de: Hostname:Port magicmama.de:0
https://magicmama.de: Hostname:Port ppctip.com:443
I'm testing with a proxy (Proxy) because the Server is in my LAN. If I don't use a proxy then my router doesn't route correct. |
|
Back to top |
|
tangent Moderator
Joined: 16 Aug 2020 Posts: 346 Location: UK
|
Posted: Fri 03 Dec '21 20:58 Post subject: |
|
|
Re your phpinfo() result for https://magicmama.de: Code: | Hostname:Port ppctip.com:443 |
If you scroll down to the Apache environment section, you'll see the certificate is lacking a Subject Alternate Name (SAN) entry for magicmama.de, but rather the current SAN entry is for ppctip.com - the same as the Common Name (CN)
Believe you need to update the SAN entry in your certificate accordingly. |
|
Back to top |
|