Multiple named vhosts per IP in Apache2

Question

I've seen many similar questions about hosting multiple vhosts, one per IP, but couldn't find one regarding multiple vhosts PER IP.

In short, I have a single Apache2 server that needs to host multiple SSL certs. I have two separate IPs on the box. I have three domains on IP(a), one with multiple sub-domains on IP(b), like so:

IP(a) - SSL(a)
 - https:://domain1
 - domain2
 - domain3

IP(b) - SSL(b)
 - https://sub1.domain4
 - https://sub2.domain4
 - https://sub3.domain4

As I recently added IP(b), my first step is to transition domain4 to that IP. In the vhost conf file for the sub1, sub2, sub3.domain entries, I switched <VirtualHost *:80> to <VirtualHost IP(b):80>. Restarting Apache, I get the following error:

[warn] VirtualHost 173.230.156.48:80 overlaps with VirtualHost 173.230.156.48:80, the first has precedence, perhaps you need a NameVirtualHost directive

I have the following NameVirtualHost entries in my apache.conf:

NameVirtualHost *:80
NameVirtualHost *:443

Any pointers on the proper way to proceed? Thanks.

UPDATE:

Per Shane's answer and others, I've changed the following in my config, but now having an issue serving IP(a):443 content:

ports.conf

Listen IP(a):80
Listen IP(b):80
<IfModule mod_ssl.c>
    Listen IP(a):443
    Listen IP(b):443
</IfModule>

virtual.conf

NameVirtualHost IP(a):80
NameVirtualHost IP(b):80
NameVirtualHost IP(a):443
NameVirtualHost IP(b):443

All non-SSL sites that I want served on IP(a) are now:

<VirtualHost IP(a):80>

All SSL sites on IP(a) are now:

<VirtualHost IP(a):443>

All non-SSL sites on IP(b) are now:

<VirtualHost IP(b):80>

All SSL sites on IP(b) are now:

<VirtualHost IP(b):443>

All sites on IP(a):80, IP(b):80 and IP(b):443 are being served correctly. Nothing on IP(a):443 is being served, and when starting Apache, I get the following warning:

[warn] _default_ VirtualHost overlap on port 443, the first has precedence

I've changed my default file to respond to IP(a):

<VirtualHost IP(a):80>

And changed my default-ssl file to respond to IP(a) as well:

<VirtualHost IP(a):443>

Anything clearly wrong with the above? I've tried changing the settings a number of different ways, but the above warning seems to always be generated.

score 3 · Accepted Answer · answered Jan 14 '13 at 17:36

3

Your NameVirtualHost directives must match exactly to your <VirtualHost> definitions.

So if you have:

<VirtualHost 192.0.2.1:80>
  ServerName domain1
</VirtualHost>
<VirtualHost 192.0.2.1:80>
  ServerName domain2
</VirtualHost>

...then NameVirtualHost *:80 doesn't apply, you need to use NameVirtualHost 192.0.2.1:80.

answered Jan 14 '13 at 17:36

Shane Madden

112,982
12
174
248

Almost got it - this resolved the post 80 issues, but now having an issue on port 443 - I've edited my question above. – Unpossible Jan 15 '13 at 17:27
1

@PaulMennega Seems like a `_default_` vhost config from somewhere else must have slipped in.. can you edit the output of `apachectl -S` into your question? – Shane Madden Jan 16 '13 at 01:07
That did it - had an old vhost config on the server that I didn't have locally when editing the configs... `apachectl -S` did the trick. Cheers! – Unpossible Jan 16 '13 at 03:16

score 0 · Answer 2 · answered Jan 15 '13 at 21:51

0

You might want to check out these links:

http://de.wikipedia.org/wiki/Server_Name_Indication as an explanation

and

http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI

on how to configurate.

Hope this helps.

answered Jan 15 '13 at 21:51

MaddinXx

158
1
7

This is not applicable - we have two IP addresses and do not need SNI. – Unpossible Jan 15 '13 at 22:09

Multiple named vhosts per IP in Apache2

2 Answers2