Saturday, April 11, 2015

ssl certificate - Multiple SSL - one for each domain on the same Apache Server?



I'm a Linux newb. I'm setting up my own LAMP server on a VPS for the first time. Everything has gone well so far. I am hosting several domains on my VPS, which only has 1 IP address (is this called name-based virtual hosting?).



Two of the sites on my VPS, bikestore.com and toystore.com, will eventually become ecommerce websites that accept credit card information. I'm in the process of enabling an https version for both sites, so I purchased 1 new IP address for each.



I'm following this guide to install SSL certificates:
http://www.linode.com/wiki/index.php/Apache2_SSL_in_Ubuntu




In creating a /etc/apache2/sites-available/bikestore-ssl and /etc/apache2/sites-available/toystore-ssl, will Apache know that https://bikestore.com should reference IP address 1.1.1.1 with ssl certificate bikestore.crt and that http://toystore.com should reference IP address 2.2.2.2 with ssl certificate toystore.crt?



When inspecting the contents of bikestore-ssl and toystore-ssl, it's not clear to me how Apache will know which *-ssl file to assign to which https:// domain. So I hope someone here can explain what's happening and if I'm doing things correctly.



Thanks


Answer



Apache ignores the file names; you have to define the IP addresses in the Virtual Host definitions. For example, for my web site pupeno.com I have:






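# x.x.x.x is a placeholder for the IP address dedicated to this site
<VirtualHost x.x.x.x:443>
    ServerName pupeno.com
    DocumentRoot /var/www/pupeno.com
    CustomLog /var/log/apache2/access-pupeno.com.log combined
    # Enable TLS for this virtual host and point it at its own certificate and key
    SSLEngine On
    SSLCertificateFile /etc/ssl/certs/pupeno.com.pem
    SSLCertificateKeyFile /etc/ssl/private/pupeno.com.pem
    #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
</VirtualHost>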





Also, there's no reason to have separate files. I have one file, pupeno.com.conf, which includes the definitions for the non-SSL and SSL pupeno.com virtual hosts. Think about what you want to enable and disable in one go with a2ensite and a2dissite. I consider http://pupeno.com and https://pupeno.com the same thing, thus it's in pupeno.com.conf.
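Applied to the two stores in the question, the layout described in the answer looks like this. It is an added example, not part of the original post: the host names, IP addresses and .crt file names come from the question, while the DocumentRoot, log and key paths are assumptions.

```apache
# Added example. Requires mod_ssl and a Listen directive for port 443.
# Apache picks the certificate from the IP:port the connection arrived on,
# so each HTTPS site is bound to its own address; file names play no part.

# --- /etc/apache2/sites-available/bikestore.com.conf (assumed file name) ---
<VirtualHost *:80>
    ServerName bikestore.com
    DocumentRoot /var/www/bikestore.com
</VirtualHost>

<VirtualHost 1.1.1.1:443>
    ServerName bikestore.com
    DocumentRoot /var/www/bikestore.com
    CustomLog /var/log/apache2/access-bikestore.com.log combined
    SSLEngine On
    SSLCertificateFile /etc/ssl/certs/bikestore.crt
    # Assumed key path; keep the private key readable by root only
    SSLCertificateKeyFile /etc/ssl/private/bikestore.key
</VirtualHost>

# --- /etc/apache2/sites-available/toystore.com.conf (assumed file name) ---
<VirtualHost *:80>
    ServerName toystore.com
    DocumentRoot /var/www/toystore.com
</VirtualHost>

<VirtualHost 2.2.2.2:443>
    ServerName toystore.com
    DocumentRoot /var/www/toystore.com
    CustomLog /var/log/apache2/access-toystore.com.log combined
    SSLEngine On
    SSLCertificateFile /etc/ssl/certs/toystore.crt
    # Assumed key path; keep the private key readable by root only
    SSLCertificateKeyFile /etc/ssl/private/toystore.key
</VirtualHost>
```

After enabling both sites with a2ensite, apache2ctl configtest checks the syntax and apache2ctl -S prints which virtual host answers on each address and port, which confirms that every certificate is attached to the intended IP.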

