logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Using short hostname in local domain to access ssl vhosts
Author
ithoki



Joined: 25 Aug 2017
Posts: 3
Location: Germany

PostPosted: Fri 25 Aug '17 11:19    Post subject: Using short hostname in local domain to access ssl vhosts Reply with quote

Hi all,

using Apache 2.4.18 on Ubuntu 16.04.3 LTS

I need ssl protected vhosts in a local domain. For that we have a wildcard certificate for *.myprivatedomain.local
This is working when users type in the fqdn of the vhost ("site1.myprivatedomain.local") in their browser. Using the host name only, the browser complains about wrong certificate.

If I understand the manual correctly, apache uses the value from host: field in the http header of the requested site.

At first sight this seems logical, because "site1" is not enough info for apache to take the right certificate.

Long story, short question: is there a way to have apache looking for "site1.myprivatedomain.local" when in the header the host: "site1" is requested? Maybe some sort of force dns lookup?

If you need my configuration, please let me know.

Thank you very much for your help.


Alex
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7371
Location: Germany, Next to Hamburg

PostPosted: Mon 28 Aug '17 23:08    Post subject: Reply with quote

if you use only name based vhosts it shouldn't be a problem.

like

Code:
<VirtualHost *:443>
    ServerName site1.myprivatedomain.local
Back to top
ithoki



Joined: 25 Aug 2017
Posts: 3
Location: Germany

PostPosted: Thu 31 Aug '17 9:38    Post subject: Reply with quote

Hi James,

thank you for your advice. Unfortunately it doesn't work. My browser complains that the certificate is for an other address...

Here is my config for the sake of completeness:

<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/ssl/certs/ws_h_local.cer
SSLCertificateChainFile /etc/ssl/certs/ws_h_local_CA.cer
SSLCertificateKeyFile /etc/ssl/private/ws_h_local.key

ServerAdmin webmaster@localhost
ServerName site1.myprivatedomain.local
ServerAlias site1
DocumentRoot /var/www/html/mediawiki

<Directory /var/www/html/mediawiki/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
</VirtualHost>


I will dig in more log infos... maybe I will find some hints...

Regards
Alex
Back to top
ithoki



Joined: 25 Aug 2017
Posts: 3
Location: Germany

PostPosted: Thu 31 Aug '17 15:29    Post subject: Reply with quote

Eventually I managed to get things work.

In the virtual host config file for http://site1 I added

Redirect "/" "https://site1.myprivatedomain.local/"

This works.

With kind regards


Alex
Back to top


Reply to topic   Topic: Using short hostname in local domain to access ssl vhosts View previous topic :: View next topic
Post new topic   Forum Index -> Apache