VirtualHost: * vs. _default_
Avi Greenbury
lists at avi.co
Wed Jul 3 08:20:29 UTC 2013
Dotan Cohen wrote:
> When configuring SSL in Apache2, what is the difference between these two lines:
> <VirtualHost *:443>
> <VirtualHost _default_:443>
The former is simply one of a list of virtualhosts, the latter is
specifically the default (the default is normally the one Apache finds
first in its config).
> I've tried limited experimentation, but as I only have this cert for a
> live site I can't be experimenting too long! My end goal is to serve
> SSL for example.com and for sub.example.com, but setting two
> sites-enabled files with the following lines does not work:
> <VirtualHost example.com:443>
> <VirtualHost sub.example.com:443>
I think you're misunderstanding the syntax; you don't put the domain
name in there, you put the IP address (or a wildcard, or the default).
So you might have
<VirtualHost 10.20.30.40:80>
Where you are going to have more than one virtualhost per
IP-address-and-port-combination you need to have told Apache that it
is a name-based virtualhost:
NameVirtualHost 10.20.30.40:80
The 'name' is then set in the virtualhost config with ServerName and
perhaps ServerAlias directives:
NameVirtualHost 10.20.30.40:443
<VirtualHost 10.20.30.40:443>
ServerName example.com
ServerAlias www.example.com
SSLEngine On
SSLCertificateFile /etc/ssl/certs/example.com.crt
SSLCertificateKeyFile /etc/ssl/private/example.com.key
DocumentRoot /home/example/public_html
</VirtualHost>
<VirtualHost 10.20.30.40:443>
ServerName sub.example.com
SSLEngine On
SSLCertificateFile /etc/ssl/certs/example.com.crt
SSLCertificateKeyFile /etc/ssl/private/example.com.key
DocumentRoot /home/example/sub_html
</VirtualHost>
This is assuming you wish to use SNI to allow the use of one IP
address to serve multiple SSL sites; if you can give us more
background as to what you're doing and let us know what's in
/etc/apache2/ports.conf and your vhost files we can probably make a
better guess as to what the solution to your problem is.
--
Avi
More information about the ubuntu-server
mailing list