This is how I do it. It is a vhost file configured for http (port 80) and
https (port 443).
Hope it helps
<VirtualHost 208.83.1.1:80>
ServerAdmin webmaster at domain.com
ServerName my.domain.com
DocumentRoot /var/www/domain.com/my/public/
<Directory /var/www/domain.com/my/public/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
# Setup error documents directory outside docroot
Alias /error/ /var/www/error/
# Setup our aliased /error directory for SSI
<Directory /var/www/error/>
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en es de fr
ForceLanguagePriority Prefer Fallback
</Directory>
ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
ErrorDocument 410 /error/HTTP_GONE.html.var
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
# Set .htaccess to different name and explicitly deny access to it.
AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
# Possible values include: debug, info, notice, warn, error, crit, alert,
emerg.
LogLevel warn
ErrorLog /var/www/domain.com/my/log/error.log
CustomLog /var/www/domain.com/my/log/access.log combined
ServerSignature Off
</VirtualHost>
<VirtualHost 208.83.1.1:443>
ServerAdmin webmaster at domain.com
ServerName my.domain.com
DocumentRoot /var/www/domain.com/my/public/
<Directory /var/www/domain.com/my/public/>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateFile /var/www/domain.com/my/ssl/domain.com.my.crt
SSLCertificateKeyFile /var/www/domain.com/my/ssl/domain.com.my.key
SSLCACertificateFile /var/www/domain.com/my/ssl/domain.com.my.ca-bundle
SSLProtocol -ALL +SSLv3 +TLSv1
# SSLProtocol -ALL +TLSv1
SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
# Setup error documents
Alias /error/ "/usr/share/apache2/error/"
<Directory "/usr/share/apache2/error">
AllowOverride None
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
Order allow,deny
Allow from all
LanguagePriority en cs de es fr it nl sv pt-br ro
ForceLanguagePriority Prefer Fallback
</Directory>
ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
ErrorDocument 410 /error/HTTP_GONE.html.var
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
# Set .htaccess to different name and explicitly deny access to it.
AccessFileName .htaccess
<Files ~ "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</Files>
# Possible values include: debug, info, notice, warn, error, crit, alert,
emerg.
LogLevel warn
ErrorLog /var/www/domain.com/my/log/ssl_error.log
CustomLog /var/www/domain.com/my/log/ssl_access.log combined
ServerSignature Off
</VirtualHost>
Tracy Phillips
On Sun, Sep 20, 2009 at 2:36 AM, Niki Kovacs <contact at kikinovak.net>
wrote:
> Hi,
>
> I successfully managed to use SSL on a local webserver for testing
> purposes, following the section "Using SSL" in the Chapter
"Using
> Apache" of the "Definitive Guide to CentOS". Now I wonder:
how can I use
> SSL with virtual hosts?
>
> I have several virtual hosts defined. Let's say I want to use SSL with
> this one:
>
> <VirtualHost *:80>
> ServerAdmin info at microlinux.fr
> DocumentRoot /var/www/html/microlinux
> ServerName buildbox.presbytere.local
> ServerAlias microlinux.buildbox.presbytere.local
> ServerAlias microlinux.buildbox
> ErrorLog logs/microlinux-error_log
> CustomLog logs/microlinux-access_log common
> </VirtualHost>
>
> The key and certificate files are located in /etc/certs:
>
> # ls -lh /etc/certs
> total 12K
> -rw-r--r-- 1 root root 981 sep 20 11:06 microlinux.crt
> -rw-r--r-- 1 root root 716 sep 20 11:04 microlinux.csr
> -rw-r--r-- 1 root root 887 sep 20 11:11 microlinux.key
>
> I'm not sure about the correct syntax to use SSL on this one. Where do
I
> configure SSLCertificateFile and SSLCertificateKeyFile? In the virtual
> host stanza? Before trying various haphazard configurations, I thought
> I'd better ask here.
>
> Niki
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.centos.org/pipermail/centos/attachments/20090920/5031b6d4/attachment.html>