Getting SSL to work across virtual hosts in Apache

By Steve Blass, Network World, 01/16/06

 Start a discussion    Print article

 Comments (1)    Print article

I have an Apache server running a number of named virtual hosts that I want to use SSL with. Apache doesn't support named virtual hosts in the SSL configuration file, because of the way the protocols work. I need to route requests by hostname using SSL. How can I do that?

Apache cannot support named virtual hosts in SSL host configuration files, because it cannot see the hostname header when the SSL request is being processed. You can use a directory-level configuration file, typically called .htaccess, to redirect the request, because the host name information is available at that later point in the processing.

To do this, include the line

AllowOverride Options FileInfo AuthConfig

in the general configuration section of the apache httpd.conf server configuration file. This allows you to use the Apache URL rewriting engine from a directory-level configuration file.

In the directory defined as DocumentRoot in the <VirtualHost_default:443> section of the Apache SSL configuration file, create an .htaccess file containing three lines:

RewriteEngine On
RewriteCond %{REQUEST_FILENAME} ^.*$
RewriteRule ^(.*)$ http://%{HTTP_HOST}:80/$1 [P]

This will send the decrypted SSL request to the host named in the http headers by proxy so that your users see only the https URLs.

Depending on how your sites are named, users may see security warnings that your SSL certificate does not match the hostname.

Featured Whitepapers

True Enterprise-Quality Linux Support: Edison Group White Paper

Grid Computing White Paper: Oracle Grid Solutions for the Next-Generation Data Center

Manage your data more efficiently, economically, and ecologically with zero risk-start saving today.

LinuxCast Listen to the latest Linux news.

About Us | Contact Us | Advertising Info | Terms of Service/Privacy

Copyright, 2006-2007 Network World, Inc. All rights reserved.