1

I've seen many similar questions about hosting multiple vhosts, one per IP, but couldn't find one regarding multiple vhosts PER IP.

In short, I have a single Apache2 server that needs to host multiple SSL certs. I have two separate IPs on the box. I have three domains on IP(a), one with multiple sub-domains on IP(b), like so:

IP(a) - SSL(a)
 - https:://domain1
 - domain2
 - domain3

IP(b) - SSL(b)
 - https://sub1.domain4
 - https://sub2.domain4
 - https://sub3.domain4

As I recently added IP(b), my first step is to transition domain4 to that IP. In the vhost conf file for the sub1, sub2, sub3.domain entries, I switched <VirtualHost *:80> to <VirtualHost IP(b):80>. Restarting Apache, I get the following error:

[warn] VirtualHost 173.230.156.48:80 overlaps with VirtualHost 173.230.156.48:80, the first has precedence, perhaps you need a NameVirtualHost directive

I have the following NameVirtualHost entries in my apache.conf:

NameVirtualHost *:80
NameVirtualHost *:443

Any pointers on the proper way to proceed? Thanks.

UPDATE:

Per Shane's answer and others, I've changed the following in my config, but now having an issue serving IP(a):443 content:

ports.conf

Listen IP(a):80
Listen IP(b):80
<IfModule mod_ssl.c>
    Listen IP(a):443
    Listen IP(b):443
</IfModule>

virtual.conf

NameVirtualHost IP(a):80
NameVirtualHost IP(b):80
NameVirtualHost IP(a):443
NameVirtualHost IP(b):443

All non-SSL sites that I want served on IP(a) are now:

<VirtualHost IP(a):80>

All SSL sites on IP(a) are now:

<VirtualHost IP(a):443>

All non-SSL sites on IP(b) are now:

<VirtualHost IP(b):80>

All SSL sites on IP(b) are now:

<VirtualHost IP(b):443>

All sites on IP(a):80, IP(b):80 and IP(b):443 are being served correctly. Nothing on IP(a):443 is being served, and when starting Apache, I get the following warning:

[warn] _default_ VirtualHost overlap on port 443, the first has precedence

I've changed my default file to respond to IP(a):

<VirtualHost IP(a):80>

And changed my default-ssl file to respond to IP(a) as well:

<VirtualHost IP(a):443>

Anything clearly wrong with the above? I've tried changing the settings a number of different ways, but the above warning seems to always be generated.

Unpossible
  • 143
  • 1
  • 9

2 Answers2

3

Your NameVirtualHost directives must match exactly to your <VirtualHost> definitions.

So if you have:

<VirtualHost 192.0.2.1:80>
  ServerName domain1
</VirtualHost>
<VirtualHost 192.0.2.1:80>
  ServerName domain2
</VirtualHost>

...then NameVirtualHost *:80 doesn't apply, you need to use NameVirtualHost 192.0.2.1:80.

Shane Madden
  • 112,982
  • 12
  • 174
  • 248
  • Almost got it - this resolved the post 80 issues, but now having an issue on port 443 - I've edited my question above. – Unpossible Jan 15 '13 at 17:27
  • 1
    @PaulMennega Seems like a `_default_` vhost config from somewhere else must have slipped in.. can you edit the output of `apachectl -S` into your question? – Shane Madden Jan 16 '13 at 01:07
  • That did it - had an old vhost config on the server that I didn't have locally when editing the configs... `apachectl -S` did the trick. Cheers! – Unpossible Jan 16 '13 at 03:16
0

You might want to check out these links:

http://de.wikipedia.org/wiki/Server_Name_Indication as an explanation

and

http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

on how to configurate.

Hope this helps.

MaddinXx
  • 158
  • 1
  • 7