This is how I do it. It is a vhost file configured for http (port 80) and https (port 443).<br><br>Hope it helps<br><br><VirtualHost <a href="http://208.83.1.1:80">208.83.1.1:80</a>><br><br>  ServerAdmin <a href="mailto:webmaster@domain.com">webmaster@domain.com</a><br>
<br>  ServerName <a href="http://my.domain.com">my.domain.com</a><br><br>  DocumentRoot /var/www/<a href="http://domain.com/my/public/">domain.com/my/public/</a><br><br>  <Directory /var/www/<a href="http://domain.com/my/public/">domain.com/my/public/</a>><br>
    Options Indexes FollowSymLinks MultiViews<br>    AllowOverride All<br>    Order allow,deny<br>    allow from all<br>  </Directory><br><br>  # Setup error documents directory outside docroot<br>  Alias /error/ /var/www/error/<br>
<br>  # Setup our aliased /error directory for SSI<br>  <Directory /var/www/error/><br>    AllowOverride None<br>    Options IncludesNoExec<br>    AddOutputFilter Includes html<br>    AddHandler type-map var<br>    Order allow,deny<br>
    Allow from all<br>    LanguagePriority en es de fr<br>    ForceLanguagePriority Prefer Fallback<br>  </Directory><br><br>  ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var<br>  ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var<br>
  ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var<br>  ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var<br>  ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var<br>  ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var<br>
  ErrorDocument 410 /error/HTTP_GONE.html.var<br>  ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var<br>  ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var<br>  ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var<br>
  ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var<br>  ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var<br>  ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var<br>  ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var<br>
  ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var<br>  ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var<br>  ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var<br><br>  # Set .htaccess to different name and explicitly deny access to it.<br>
  AccessFileName .htaccess<br><br>  <Files ~ "^\.ht"><br>    Order allow,deny<br>    Deny from all<br>    Satisfy All<br>  </Files><br><br>  # Possible values include: debug, info, notice, warn, error, crit, alert, emerg.<br>
  LogLevel warn<br><br>  ErrorLog /var/www/<a href="http://domain.com/my/log/error.log">domain.com/my/log/error.log</a><br>  CustomLog /var/www/<a href="http://domain.com/my/log/access.log">domain.com/my/log/access.log</a> combined<br>
<br>  ServerSignature Off<br><br></VirtualHost><br><br><VirtualHost <a href="http://208.83.1.1:443">208.83.1.1:443</a>><br><br>  ServerAdmin <a href="mailto:webmaster@domain.com">webmaster@domain.com</a><br><br>
  ServerName <a href="http://my.domain.com">my.domain.com</a><br><br>  DocumentRoot /var/www/<a href="http://domain.com/my/public/">domain.com/my/public/</a><br><br>  <Directory /var/www/<a href="http://domain.com/my/public/">domain.com/my/public/</a>><br>
    Options Indexes FollowSymLinks MultiViews<br>    AllowOverride All<br>    Order allow,deny<br>    allow from all<br>  </Directory><br><br>  SSLEngine on<br>  SSLCertificateFile /var/www/<a href="http://domain.com/my/ssl/domain.com.my.crt">domain.com/my/ssl/domain.com.my.crt</a><br>
  SSLCertificateKeyFile /var/www/<a href="http://domain.com/my/ssl/domain.com.my.key">domain.com/my/ssl/domain.com.my.key</a><br>  SSLCACertificateFile /var/www/<a href="http://domain.com/my/ssl/domain.com.my.ca-bundle">domain.com/my/ssl/domain.com.my.ca-bundle</a><br>
  SSLProtocol -ALL +SSLv3 +TLSv1<br>  # SSLProtocol -ALL +TLSv1<br>  SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM<br><br>  # Setup error documents<br>  Alias /error/ "/usr/share/apache2/error/"<br>
<br>  <Directory "/usr/share/apache2/error"><br>      AllowOverride None<br>      Options IncludesNoExec<br>      AddOutputFilter Includes html<br>      AddHandler type-map var<br>      Order allow,deny<br>
      Allow from all<br>      LanguagePriority en cs de es fr it nl sv pt-br ro<br>      ForceLanguagePriority Prefer Fallback<br>  </Directory><br><br>  ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var<br>  ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var<br>
  ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var<br>  ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var<br>  ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var<br>  ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var<br>
  ErrorDocument 410 /error/HTTP_GONE.html.var<br>  ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var<br>  ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var<br>  ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var<br>
  ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var<br>  ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var<br>  ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var<br>  ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var<br>
  ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var<br>  ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var<br>  ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var<br><br>  # Set .htaccess to different name and explicitly deny access to it.<br>
  AccessFileName .htaccess<br><br>  <Files ~ "^\.ht"><br>    Order allow,deny<br>    Deny from all<br>    Satisfy All<br>  </Files><br><br>  # Possible values include: debug, info, notice, warn, error, crit, alert, emerg.<br>
  LogLevel warn<br><br>  ErrorLog /var/www/<a href="http://domain.com/my/log/ssl_error.log">domain.com/my/log/ssl_error.log</a><br>  CustomLog /var/www/<a href="http://domain.com/my/log/ssl_access.log">domain.com/my/log/ssl_access.log</a> combined<br>
<br>  ServerSignature Off<br><br></VirtualHost><br><br><br clear="all">Tracy Phillips<br>
<br><br><div class="gmail_quote">On Sun, Sep 20, 2009 at 2:36 AM, Niki Kovacs <span dir="ltr"><<a href="mailto:contact@kikinovak.net">contact@kikinovak.net</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Hi,<br>
<br>
I successfully managed to use SSL on a local webserver for testing<br>
purposes, following the section "Using SSL" in the Chapter "Using<br>
Apache" of the "Definitive Guide to CentOS". Now I wonder: how can I use<br>
SSL with virtual hosts?<br>
<br>
I have several virtual hosts defined. Let's say I want to use SSL with<br>
this one:<br>
<br>
<VirtualHost *:80><br>
   ServerAdmin <a href="mailto:info@microlinux.fr">info@microlinux.fr</a><br>
   DocumentRoot /var/www/html/microlinux<br>
   ServerName buildbox.presbytere.local<br>
   ServerAlias microlinux.buildbox.presbytere.local<br>
   ServerAlias microlinux.buildbox<br>
   ErrorLog logs/microlinux-error_log<br>
   CustomLog logs/microlinux-access_log common<br>
</VirtualHost><br>
<br>
The key and certificate files are located in /etc/certs:<br>
<br>
# ls -lh /etc/certs<br>
total 12K<br>
-rw-r--r-- 1 root root 981 sep 20 11:06 microlinux.crt<br>
-rw-r--r-- 1 root root 716 sep 20 11:04 microlinux.csr<br>
-rw-r--r-- 1 root root 887 sep 20 11:11 microlinux.key<br>
<br>
I'm not sure about the correct syntax to use SSL on this one. Where do I<br>
configure SSLCertificateFile and SSLCertificateKeyFile? In the virtual<br>
host stanza? Before trying various haphazard configurations, I thought<br>
I'd better ask here.<br>
<br>
Niki<br>
_______________________________________________<br>
CentOS mailing list<br>
<a href="mailto:CentOS@centos.org">CentOS@centos.org</a><br>
<a href="http://lists.centos.org/mailman/listinfo/centos" target="_blank">http://lists.centos.org/mailman/listinfo/centos</a><br>
</blockquote></div><br>