stackoom
  简体   繁体   中英

Apache always loads the same vhost

 原文  2018-09-17 12:50:41       apache/ virtualhost

Question

I have the following vhosts. However the vhosts always seem to resolve to app.home when using https, the only way to make it load cloud.home is by removing app.home from the vhosts. Whichs leads me to believe that it ignores the ServerName setting.

app.home.conf 

<IfModule mod_ssl.c>
<VirtualHost *:443>
   ServerName app.home
  ProxyPreserveHost On
  ProxyRequests off
  ProxyPass /api/websocket ws://localhost:8123/api/websocket disablereuse=on keepalive=on
  ProxyPassReverse /api/websocket ws://localhost:8123/api/websocket disablereuse=on
  ProxyPass / http://localhost:8123/ disablereuse=on keepalive=on
  ProxyPassReverse / http://localhost:8123/ disablereuse=on#`

  RewriteEngine on
  RewriteCond %{HTTP:Upgrade} =websocket [NC]
  RewriteRule /(.*)  ws://localhost:8123/$1 [P,L]
  RewriteCond %{HTTP:Upgrade} !=websocket [NC]
  RewriteRule /(.*)  http://localhost:8123/$1 [P,L]

SSLCertificateFile /etc/letsencrypt/live/app.home/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/app.home/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

cloud.home.conf 

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerName cloud.home
    DocumentRoot "/var/www/cloud"

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/cloud/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>

        ErrorLog ${APACHE_LOG_DIR}/cloud.home.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog ${APACHE_LOG_DIR}/cloud.home.access.log combined

SSLCertificateFile /etc/letsencrypt/live/cloud.home/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/cloud.home/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>

1 answers

solution1
 0 ACCPTED  2018-09-17 13:22:58

Apache receives an encrypted connection on port 443. It then negotiates the certificate with the client's browser. But at this point, it has not read the requested domain yet. It must negotiate the certificate first to decrypt the payload.

So Apache will always use the first VirtualHost it finds that matches port 443. It gets the certificate from this one.

To fix that, you have to:

  • setup a second IP for your second domain. So Apache will be configured to say domain1 == IP1, domain2 == IP2.
  • Use a different port for the second domain, like :444. But this is not convenient since it is not the default.
  • Use SNI. Do some research on this, too long for an explication here.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Apache vhost always show me the same content on different subdomains Apache vhost loads incorrect doc root apache2 vhost loads wrong project Apache2 - always serves default VHOST Apache - two vhost conf files for same ServerName? How to use browsersync with an apache vhost on same port? apache Vhost opens other Vhost Apache vhost redirects to another vhost Permission denied for iframe with source on same domain - Apache vhost cfg issue? Apache settings, multi vhost multi servername same directory
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM