url redirct of ssl enabled vhost

Asked by XnimrodunterX on 2009-04-07

Hello again.

I have am using apache and have a Virtualhost enabled with ssl and this works great, using a godaddy ssl cert.

my question is the certificate is only assigned to one domain name. www.domain.com

so in my browser if i go to www.domain.com or domain.com the ssl certificate works with no problems.

i am having an issue with haveing www.domain.org and www.domain.net redirect to www.domain.com over port 443. Since apache does not support NamedVirthual Hosts over port 443 how can i create a virtual host using the the name and alias of www.domain.net and www.domain.org using port 443 and redirect to vhost www.domain.com?

if i try to add a second vhost using the same ip and port apache does not like it but i don't want to use another routeable ip to get this to work.

Can this be done? or can i add these redirect in the original ssl enabled vhost?

or has anyone had success with mod_gnutls? if so how do you set this up with ubuntu 8.10?

Thanks

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu apache2 Edit question
Assignee:
No assignee Edit question
Solved by:
XnimrodunterX
Solved:
2009-04-08
Last query:
2009-04-08
Last reply:
2009-04-08
Craig Huffstetler (xq) said : #1

Mod_GNUTLS will help a bit. You can always generate separate self-signed certificates for domains, no matter what, and use these self-signed certificates on any domain.

I think what you're trying to do is not "buy" more than 1 "trusted authority" certificate and use the one you have on all 3 domains. This can not be done. You would have to have separate trusted authoritative certificates for each domain. What you can do, however, is forward the other domains to the one domain (domain X) from domain Y,Z. This would work and domain X could be the trusted domain.

Would this work or do they all have separate content?

To read more about mod_gnutls see this page:
http://www.g-loaded.eu/2007/08/10/ssl-enabled-name-based-apache-virtual-hosts-with-mod_gnutls/

It's a great guide as well as good information. Apache is Apache no matter the server. So, we can get it to work on Ubuntu 8.10. A good source of information, besides here, is the Apache user's mailing list, and #apache on Freenode.

Apache user's mailing list: http://httpd.apache.org/lists.html#http-users

XnimrodunterX (sgoldschmidt) said : #2

i understand that for each domain there needs to be a seperate certificate, but like you stated what i want is for domain x to have the signed cert and have domain y and z redirct on the apache side to domain x. domain y and z will not have seperate content.

my problem is when i create another <virtualhost 192.168.100.25:443> for domain y and z, since domain x already has <virtualhost 192.168.100.25:443> upon restart of apache i get an error stating that domain 192.168.100.25:443 already is assigned, and that i should try the <named virtual host *:443> directive. but since apache does not support <named virtual host> over ssl port 443 i don't know how to set up domain y and z to redirect to domain x.

can i add the redirect of y and z domain inside of the <virtualhost> for x domain? i tried it by addind redirect / https://domain.com/ and the site just sits in a loop and does not open. am i missing something or does this redirect have to be tagged otherway first?

XnimrodunterX (sgoldschmidt) said : #3

What i have done what enabled

NameVirtualHost x.x.x.x:443 in my ports.conf file

and in my vhost.conf file i added the additional virtualhost to port 443 with the redirect os y and z to domain x

since the certificates are all valid i don't seem to be having a problem with this config.

thanks for your help