Topic: Using short hostname in local domain to access ssl vhosts

[ithoki]

Hi all,

using Apache 2.4.18 on Ubuntu 16.04.3 LTS

I need ssl protected vhosts in a local domain. For that we have a wildcard certificate for *.myprivatedomain.local
This is working when users type in the fqdn of the vhost ("site1.myprivatedomain.local") in their browser. Using the host name only, the browser complains about wrong certificate.

If I understand the manual correctly, apache uses the value from host: field in the http header of the requested site.

At first sight this seems logical, because "site1" is not enough info for apache to take the right certificate.

Long story, short question: is there a way to have apache looking for "site1.myprivatedomain.local" when in the header the host: "site1" is requested? Maybe some sort of force dns lookup?

If you need my configuration, please let me know.

Thank you very much for your help.


Alex

[James Blond]

if you use only name based vhosts it shouldn't be a problem.

like

[ithoki]

Hi James,

thank you for your advice. Unfortunately it doesn't work. My browser complains that the certificate is for an other address...

Here is my config for the sake of completeness:

<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ws_h_local.cer
SSLCertificateChainFile /etc/ssl/certs/ws_h_local_CA.cer
SSLCertificateKeyFile /etc/ssl/private/ws_h_local.key

ServerAdmin webmaster@localhost
ServerName site1.myprivatedomain.local
ServerAlias site1
DocumentRoot /var/www/html/mediawiki

<Directory /var/www/html/mediawiki/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>


I will dig in more log infos... maybe I will find some hints...

Regards
Alex

[ithoki]

Eventually I managed to get things work.

In the virtual host config file for http://site1 I added

Redirect "/" "https://site1.myprivatedomain.local/"

This works.

With kind regards


Alex