2

Is it possible to replace "*" with a domain name or subdomain?

<VirtualHost *:443>

update

The problem is that I get this error on booting up apache:

[Mon Aug 16 13:42:48 2010] [warn] _default_ VirtualHost overlap on port 443, the first has precedence

I have a virtualHost on :443 for a subdomain and one for a primary domain. When I remove the subdomain I no longer get that error.

As a side note, if this configuration can be more efficient, please let me know how.

domain.com config

<VirtualHost *:80>
 ServerAdmin webmaster@domain.com
 ServerName  www.domain.com
 ServerAlias domain.com
 ServerAlias xx.xxx.xxx.xx

 # Directory Root.
 DocumentRoot /sites/domain.com/www/

 # Logfiles
 ErrorLog  /sites/domain.com/logs/error.log
 CustomLog /sites/domain.com/logs/access.log combined
</VirtualHost>

<VirtualHost *:443>
 ServerName  www.domain.com

 # Directory Root.
 DocumentRoot /sites/domain.com/www/

 # Enable SSL
 SSLEngine On
 SSLCertificateFile  /sites/domain.com/ssl/star_domain_com.crt
 SSLCertificateKeyFile /sites/domain.com/ssl/ikeyless.key
 SSLCertificateChainFile /sites/domain.com/ssl/DigiCertCA.crt
 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>

support.domain.com config

<VirtualHost *:80>
 ServerName support.domain.com

 # Directory Root.
 DocumentRoot /sites/support.domain.com/www/

 # Logfiles
 ErrorLog  /sites/support.domain.com/logs/error.log
 CustomLog /sites/support.domain.com/logs/access.log combined
</VirtualHost>

<VirtualHost *:443>
 ServerName support.domain.com

 # Directory Root.
 DocumentRoot /sites/support.domain.com/www/

 # Logfiles
 ErrorLog  /sites/support.domain.com/logs/error.log
 CustomLog /sites/support.domain.com/logs/access.log combined

 # Enable SSL
 SSLEngine On
 SSLCertificateFile  /sites/domain.com/ssl/star_domain_com.crt
 SSLCertificateKeyFile /sites/domain.com/ssl/domain.key
 SSLCertificateChainFile /sites/domain.com/ssl/DigiCertCA.crt
 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>

When I try to access support.domain.com over https, it points to domain.com and won't load our support site; it works fine over http.

Ben

5 Answers

5

Yes, this is a very powerful part of Apache's configuration.

For example, suppose that you are serving the domain www.domain.tld and you wish to add the virtual host www.otherdomain.tld, which points at the same IP address. Then you simply add the following to httpd.conf:

NameVirtualHost *:80

<VirtualHost *:80>
    ServerName www.domain.tld
    ServerAlias domain.tld *.domain.tld
    DocumentRoot /www/domain
</VirtualHost>

<VirtualHost *:80>
    ServerName www.otherdomain.tld
    DocumentRoot /www/otherdomain
</VirtualHost>

See full documentation here: http://httpd.apache.org/docs/2.2/vhosts/

The final answer: Add the NameVirtualHost *:443 directive to your default config.

Mike Fiedler
2

You can specify a specific IP in place of the asterisk, as long as the IP is specified with NameVirtualHost. The name is specified in ServerName and ServerAlias.

The asterisk is matching all IP addresses that Apache binds to in the VirtualHost.

Warner
0

Not for SSL:

You cannot use name based virtual hosts with SSL because the SSL handshake (when the browser accepts the secure Web server's certificate) occurs before the HTTP request, which identifies the appropriate name based virtual host. If you plan to use name-based virtual hosts, remember that they only work with your non-secure Web server.

Update:

Apparently the latest web servers support this. Check the link provided by Warner.

0

Have you done anything with the default virtual host it makes?

If you don't do any customization, Apache will make a separate config file for some SSL stuff in conf.d/ssl.conf, and in there it declares a virtual host named _default_:443.

If I add a vhost as *:443 in my main config it gives the same error, and if I remove the _default_:443 vhost in the conf.d/ssl.conf it doesn't.

0

We resolved this issue by putting all of our SSL on a specific IP address and then all other sites on a secondary IP. When we did this, everything worked.

Ben
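A static check for the condition the answers above describe (several VirtualHost blocks on one address with no NameVirtualHost for it, including the _default_:443 case from conf.d/ssl.conf), as an added example that is not part of the original thread. It is a simplified model of Apache 2.2 matching; SAMPLE_CONF is constructed from the question's config and the function names are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample: the vhosts from the question, reduced to the lines
# that matter, with no NameVirtualHost directive for port 443.
SAMPLE_CONF = """
NameVirtualHost *:80
<VirtualHost *:80>
    ServerName www.domain.com
</VirtualHost>
<VirtualHost *:443>
    ServerName www.domain.com
</VirtualHost>
<VirtualHost *:443>
    ServerName support.domain.com
</VirtualHost>
"""

VHOST_OPEN = re.compile(r"^\s*<VirtualHost\s+([^>]+)>", re.I)
VHOST_CLOSE = re.compile(r"^\s*</VirtualHost>", re.I)
NAME_VHOST = re.compile(r"^\s*NameVirtualHost\s+(\S+)", re.I)
SERVER_NAME = re.compile(r"^\s*ServerName\s+(\S+)", re.I)

def normalize(addr):
    # Assumption: treat _default_ like *, matching the overlap the answers
    # report between a *:443 vhost and the _default_:443 one in ssl.conf.
    return addr.replace("_default_", "*")

def find_overlaps(conf_text):
    """Return {address: [ServerName, ...]} for addresses that are used by
    more than one <VirtualHost> but have no NameVirtualHost directive."""
    named, vhosts, current = set(), defaultdict(list), None
    for line in conf_text.splitlines():
        if m := NAME_VHOST.match(line):
            named.add(normalize(m.group(1)))
        elif m := VHOST_OPEN.match(line):
            current = [normalize(a) for a in m.group(1).split()]
            for addr in current:
                vhosts[addr].append("(no ServerName)")
        elif VHOST_CLOSE.match(line):
            current = None
        elif current and (m := SERVER_NAME.match(line)):
            for addr in current:
                vhosts[addr][-1] = m.group(1)
    return {a: n for a, n in vhosts.items() if len(n) > 1 and a not in named}

if __name__ == "__main__":
    for addr, names in find_overlaps(SAMPLE_CONF).items():
        print(f"{addr}: no NameVirtualHost; '{names[0]}' answers for {names[1:]}")
```

The first name in each reported list is the vhost that takes precedence, which is why https requests for support.domain.com are served by the www.domain.com block in the question.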