-1

I have multiple virtual hosts on port 80 and 443. They all work. The problem comes when addressing the web server by a name not mentioned as a vhost.

The documentation says:

If the lookup fails (the IP address wasn't found) the request is served from the default vhost if there is such a vhost for the port to which the client sent the request. If there is no matching default vhost the request is served from the main_server.

But in my case content is server from the main_server instead of the default vhost. I have tried using both _default_ and * for this default vh

I have

NameVirtualHost *:80
NameVirtualHost *:443

And directives like:

<VirtualHost *:80>
        ServerName example.com
        ServerAlias www.example.com

and 

<VirtualHost *:443>
        ServerName example.com
        ServerAlias www.example.com

Running apachectl -S Shows my carefully named default vhost.

wildcard NameVirtualHosts and _default_ servers:
*:443                  is a NameVirtualHost
     default server 00default.example.com (/etc/httpd/sites.d/00default.example.com:29)
     port 443 namevhost 00default.example.com (/etc/httpd/sites.d/00default.example.com:29)
         alias www.00default.example.com
     port 443 namevhost example.com (/etc/httpd/sites.d/example.com:29)
         alias www.example.com

...

*:80                   is a NameVirtualHost
     default server 00default.example.com (/etc/httpd/sites.d/00default.example.com:1)
     port 80 namevhost 00default.example.com (/etc/httpd/sites.d/00default.example.com:1)
         alias www.00default.example.com
     port 80 namevhost example.com (/etc/httpd/sites.d/example.com:1)
        alias www.example.com

If I visit

http://www.example.com/phpinfo/

It works fine. But

https://www.example.com/phpinfo/

Fails. This is because Apache attempts to serve this request from the document root configured for the main server in the default conf file. "Main server" is defined here: http://httpd.apache.org/docs/2.2/vhosts/details.html

www.example.com is the actual hostname of the server and

https://www/phpinfo/

or

https://ip.address/phpinfo/

Both work.

It's my understanding that a wildcard default vhost overrides the main server config as it is doing in the case of the HTTP version. Why does it not work for the HTTPS version?

Sample Vhost config:

<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/example.com
    #ErrorLog logs/example.com/error_log
    #TransferLog logs/example.com/access_log
    SSLEngine on
    SSLCertificateFile /etc/httpd/certs.d/example.com.crt
    SSLCertificateKeyFile /etc/httpd/certs.d/example.com.key
    SSLCertificateChainFile /etc/httpd/certs.d/example.com.chain
    <Directory />
            Options FollowSymLinks
            AllowOverride None
    </Directory>
    <Directory /var/www/example.com/>
            AddType application/x-httpd-php .php
    </Directory>
    <Directory /var/www/example.com/>
            Options Indexes FollowSymLinks MultiViews
            AllowOverride All
            Order allow,deny
            allow from all
    </Directory>
</VirtualHost>

There is also a section preceding the one above, for port 80, that is identical except for the port and the absence of the lines starting "SSL".

Neik
  • 374
  • 2
  • 3
  • 10
  • It fails in that it looks for the phpinfo directory in the wrong place. So I get a 404 error. Yes my browser supports SNI and `https://www/phpinfo/` (SSL with the short hostname) works. – Neik Oct 13 '14 at 20:34
  • Not a duplicate. I have multiple domains on the same IP/port working. The vhosts work. The issue is the main server config being used instead of the "default" config. – Neik Oct 15 '14 at 13:11

2 Answers2

0

Define "Fails". Do you have an SSL cert installed for the default vhost? Do you just get a browser warning about the wrong cert? Or do you actually get back the wrong content?

Does your browser support SNI? SNI is needed to handle multiple SSL certs installed at the same IP.

Slashterix
  • 612
  • 1
  • 5
  • 19
0

After looking at your comments, this is how I would achieve what you're looking for:

(There may be a better way to do this, but this works)

Set 2 different roots with the DocumentRoot property:

<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName example.com
DocumentRoot /var/ssl_content
</VirtualHost>

<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName example.com
DocumentRoot /var/www
</VirtualHost>

Next, Symlink your port 80 Virtual host Root into a new directory for the port 443 Host

ln -s /var/www /var/ssl_content

This should create 2 paths to the same content and allow requests over 443 or 80.

Dan O'Boyle
  • 237
  • 3
  • 10
  • I have different DocumentRoot for all of the vhosts and the main server. I don't want the main server to get used at all. – Neik Oct 15 '14 at 06:05
  • When you say main server, do you mean the default port 80 vhost? Are you saying you want all traffic to be over the 443 host but http requests made on 80 to be directred to 443? Update your question a bit and ill try to help. – Dan O'Boyle Oct 15 '14 at 14:20
  • I mean main server as described here http://httpd.apache.org/docs/2.4/vhosts/details.html I want traffic on port 80 and 433 to go to the same host, with and without SSL respectively. – Neik Oct 15 '14 at 15:26
  • @Neik Try it now... – Dan O'Boyle Oct 15 '14 at 15:39