10

Alright, so I have an Apache server set up with the following directives:

NameVirtualHost *:80

<VirtualHost *:80> ServerName example1.com ServerAlias www.example1.com DocumentRoot /var/www/html </VirtualHost> <VirtualHost *:80> ServerName example2.com ServerAlias *.example2.com DocumentRoot /var/www/example2 </VirtualHost> <VirtualHost example1.com:443> DocumentRoot /var/www/html ServerName example1.com:443 SSLEngine on ... </VirtualHosts>

So example1.com has SSL support, and can be accessed either via http:// example1.com or https:// example1.com. However, this has the unintended side effect of showing https:// example1.com when I visit https:// example2.com in my browser. What I want to do is basically disable https:// example2.com somehow or re-direct it to http:// example2.com so I don't get a warning and the wrong site when I visit it.

Improve this question

3 Answers 3

Reset to default
6

You won't be able to avoid getting a warning, unless example1 and example2 are on different IP addresses, or you get an SSL certificate covering both names -- an error page or redirect can't happen until after the SSL connection is established.

That being said, something along these lines should work:

NameVirtualHost *:443 <VirtualHost *:443> ServerName example1.com SSLEngine on #... </VirtualHost> <VirtualHost *:443> ServerName example2.com SSLEngine on # same certificate config here as on example1, unless you're wanting to use TLS SNI # then, let's redirect the user to non-SSL Redirect permanent / http://example2.com/ </VirtualHost>
Improve this answer
2
  • Thanks! I think I was missing the NameVirtualHost directive and Apache thought I was trying to make two virtual hosts conflicting each other. Interestingly, Chrome is not throwing a warning over this redirect... But I'm not worried about that, just don't want my SSL site showing up under other domain names. Commented Feb 23, 2013 at 10:12
  • Is not same than add invalid certs to fallback to non-ssl? I guess you can directly append _fake to the name of the certs on your vhost directive. Commented Mar 1, 2015 at 9:34
0

i do not think you should put :443 on ServerName example1.com:443

these should be right configure

<VirtualHost example1.com:443> //change example1.com to ip address is a good habit DocumentRoot /var/www/html ServerName example1.com SSLEngine on ... </VirtualHosts>
Improve this answer
0

You need to have Server Name Indication (SNI) to accomplish this. Please refer the link: http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI for details.

Improve this answer
1
  • 1
    Down voted because you didn't provide an answer or example, only a link (which isn't guaranteed to be there permanently) Commented Sep 12, 2014 at 15:00

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.