# PROPER VirtualHost config? [SOLVED]

## guttersnipe

Hello fellow gentoo users.  I come to you out of desperation.  I've been using apache for years, now.  It didn't take me long to develop several websites, and require virtualhosting.  I've tried port-based virtual hosting and I've even tried ip-based virtual hosting.  The best solution seems to be name-based virtual hosting.  Over the years, I've just kind of modified various config files until I got the server to do what I wanted to do.  My configurations are always confusing, and I'm sure they were terribly unorthodox.  My question is: how do I set up VirtualHosting the RIGHT way.

Now, before you ask, I've read http://gentoo-wiki.com/HOWTO_Linux_Virtual_Hosting_Server#Virtual_Web_Hosting .  The wiki is terribly confusing.  Most of the documentation is outdated, and it has little notes underneath each section basically saying "what was just explained is outdated; don't use it."  I've tried following the directions, but all that did was break my apache setup.  (I actually had a correct setup a few hours ago, and when I tried to go "proper," the only result was that nothing works)

Starting from the top:

/etc/conf.d/apache2

The only thing that I know of that pertains to virtual hosting in this file is the "-D DEFAULT_VHOST" option in APACHE2_OPTS.  This is set in my configuration (as it is by default).

/etc/apache2/httpd.conf

I don't think I've changed anything in this file.  It seems that Gentoo likes you to change things elsewhere.  I know that modules configurations and virtual hosts configurations are in the modules.d and vhosts.d directories, respectfully.  One thing I don't understand is the line below:

```

Include /etc/apache2/vhosts.d/*.conf

```

Shouldn't this mean that it imports every file in the /etc/apache2/vhosts.d directory that ends in ".conf"?

One thing that's always been a pain is the update of apache2.  When I have all my configurations in 00_default_vhost.conf, it makes it a pain to upgrade!  I figured that you're SUPPOSED to put each virtual host in its own file in the vhosts.d directory (the wiki article supports this idea), but ever time I do, it never works!

Currently, here's what I've got:

```

neo www # ls -l /var/www

total 8

drwxr-xr-x 15 root   root   4096 Feb  6 12:43 ampache

drwxr-xr-x  3 apache apache 4096 Mar  3 02:48 localhost

```

--AND--

```

neo vhosts.d # ls -l /etc/apache2/vhosts.d/

total 16

-rw-r--r-- 1 root root 7745 Jan 18 18:30 00_default_ssl_vhost.conf

-rw-r--r-- 1 root root 2100 Mar  3 04:00 00_default_vhost.conf

-rw-r--r-- 1 root root 2831 Mar  3 03:38 default_vhost.include

```

...and here's the bloody 00_default_vhosts.conf file

```

neo vhosts.d # cat 00_default_vhost.conf 

# Virtual Hosts

#

# If you want to maintain multiple domains/hostnames on your

# machine you can setup VirtualHost containers for them. Most configurations

# use only name-based virtual hosts so the server doesn't need to worry about

# IP addresses. This is indicated by the asterisks in the directives below.

#

# Please see the documentation at

# <URL:http://httpd.apache.org/docs/2.2/vhosts/>

# for further details before you try to setup virtual hosts.

#

# You may use the command line option '-S' to verify your virtual host

# configuration.

<IfDefine DEFAULT_VHOST>

# see bug #178966 why this is in here

# Listen: Allows you to bind Apache to specific IP addresses and/or

# ports, instead of the default. See also the <VirtualHost>

# directive.

#

# Change this to Listen on specific IP addresses as shown below to

# prevent Apache from glomming onto all bound IP addresses.

#

#Listen 12.34.56.78:80

Listen 80

# Use name-based virtual hosting.

NameVirtualHost *:80

# When virtual hosts are enabled, the main host defined in the default

# httpd.conf configuration will go away. We redefine it here so that it is

# still available.

#

# If you disable this vhost by removing -D DEFAULT_VHOST from

# /etc/conf.d/apache2, the first defined virtual host elsewhere will be

# the default.

<VirtualHost *:80>

        ServerName localhost

        Include /etc/apache2/vhosts.d/default_vhost.include

        <IfModule mpm_peruser_module>

                ServerEnvironment apache apache

        </IfModule>

</VirtualHost>

</IfDefine>

<VirtualHost *:80>

        ServerName ampache.guttersnipe.homelinux.net

        DocumentRoot "/var/www/ampache"

        <Directory "/var/www/ampache">

                AllowOverride All

                Order allow,deny

                Allow from all

        </Directory>

</VirtualHost>

# vim: ts=4 filetype=apache

```

Currently, I can get to guttersnipe.homelinux.net but I CANNOT get to ampache.guttersnipe.homelinux.net.  As I said, I think I've had this exact config a few hours ago, but now that I've tried to make it better (I tried putting the working config info into a file /etc/apache2/vhosts.d/01_ampache_vhost.conf), and now that I've tried to reverse it, the virtual host is completely broken.  Please help me  :Crying or Very sad:  .

TIA, and sorry if the above is confusing.  It's almost 4AM now and I have a headache from screwing around with this all night x_x (not to mention that I have work in the morning  :Sad:  )Last edited by guttersnipe on Wed Mar 05, 2008 5:28 am; edited 1 time in total

----------

## nessus11

I am having a similar problem.  Does someone have a working configuration with this version of apache?  I was trying to install the apache2.0.8 version but it is no longer available through portage..  :Crying or Very sad:    Help please...   :Confused: 

----------

## z35

For my configuration, I just do

/etc/apache2/vhosts.d/10_example.com.conf

```
<VirtualHost *:80>

    ServerName "example.com"

    DocumentRoot "/var/www/example.com/htdocs"

    <Directory "/var/www/example.com/htdocs">

        Options Indexes FollowSymLinks MultiViews Includes ExecCGI

        AllowOverride None

        Order allow,deny

        Allow from all

    </Directory>

</VirtualHost>
```

Hosts may vary of course, but you should get the general ideal... And i think that is it... And modify the APACHE2_OPTS... If you have problems, you might want to look at apache's logs...

----------

## Psychoman

By browsing the gentoo fora and experimenting I have been aible to create a working apache-2.2.8 virtual host configuration with ssl.

It gives no errors when starting apache and behaves as expected.

default_vhost.include

```
ServerAdmin root@localhost

DocumentRoot "/var/www/localhost/htdocs"

<Directory "/var/www/localhost/htdocs">

   Options Indexes FollowSymLinks

   AllowOverride All

   Allow from all

</Directory>

<IfModule alias_module>

   ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"

</IfModule>

<Directory "/var/www/localhost/cgi-bin">

   AllowOverride None

   Options None

   Order allow,deny

   Allow from all

</Directory>
```

00_default_vhost.conf

```
<IfDefine DEFAULT_VHOST>

Listen 80

NameVirtualHost *:80

<VirtualHost *:80>

   ServerName localhost

   Include /etc/apache2/vhosts.d/default_vhost.include

   <IfModule mpm_peruser_module>

      ServerEnvironment apache apache

   </IfModule>

</VirtualHost>

</IfDefine>
```

00_default_ssl_vhost.conf

```
<IfDefine SSL>

<IfDefine SSL_DEFAULT_VHOST>

<IfModule ssl_module>

Listen 443

NameVirtualHost *:443

<VirtualHost *:443>

   ServerName localhost

   Include /etc/apache2/vhosts.d/default_vhost.include

   ErrorLog /var/log/apache2/ssl_error_log

   <IfModule log_config_module>

      TransferLog /var/log/apache2/ssl_access_log

   </IfModule>

   SSLEngine on

   SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

   SSLCertificateFile /etc/apache2/ssl/server.crt

   SSLCertificateKeyFile /etc/apache2/ssl/server.key

   <FilesMatch "\.(cgi|shtml|phtml|php)$">

      SSLOptions +StdEnvVars

   </FilesMatch>

   <Directory "/var/www/localhost/cgi-bin">

      SSLOptions +StdEnvVars

   </Directory>

   <IfModule setenvif_module>

      BrowserMatch ".*MSIE.*" \

         nokeepalive ssl-unclean-shutdown \

         downgrade-1.0 force-response-1.0

   </IfModule>

   <IfModule log_config_module>

      CustomLog /var/log/apache2/ssl_request_log \

         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

   </IfModule>

</VirtualHost>

</IfModule>

</IfDefine>

</IfDefine>
```

firstvirtualhost_vhost.include

```
ServerAdmin root@localhost

ServerName firstvirtualhost.com

DocumentRoot "/var/www/firstvirtualhost/htdocs"

<Directory "/var/www/firstvirtualhost/htdocs">

   Options Indexes FollowSymLinks

   AllowOverride All

   Order allow,deny

   Allow from all

</Directory>

<IfModule alias_module>

   ScriptAlias /cgi-bin/ "/var/www/firstvirtualhost_vhost.include/cgi-bin/"

</IfModule>

<Directory "/var/www/firstvirtualhost/cgi-bin">

   AllowOverride None

   Options None

   Order allow,deny

   Allow from all

</Directory>
```

10_firstvirtualhost_vhost.conf

```
<VirtualHost *:80>

   Include /etc/apache2/vhosts.d/firstvirtualhost_vhost.include

   <IfModule mpm_peruser_module>

      ServerEnvironment apache apache

   </IfModule>

</VirtualHost>
```

10_firstvirtualhost_ssl_vhost.conf

```
<IfDefine SSL>

<IfDefine SSL_DEFAULT_VHOST>

<IfModule ssl_module>

<VirtualHost *:443>

   Include /etc/apache2/vhosts.d/firstvirtualhost_vhost.include

   ErrorLog /var/www/firstvirtualhost/logs/ssl_error_log

   <IfModule log_config_module>

      TransferLog /var/www/firstvirtualhost/logs/ssl_access_log

   </IfModule>

   SSLEngine on

   SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

   SSLCertificateFile /etc/apache2/ssl/server.crt

   SSLCertificateKeyFile /etc/apache2/ssl/server.key

   <FilesMatch "\.(cgi|shtml|phtml|php)$">

      SSLOptions +StdEnvVars

   </FilesMatch>

   <Directory "/var/www/firstvirtualhost/cgi-bin">

      SSLOptions +StdEnvVars

   </Directory>

   <IfModule setenvif_module>

      BrowserMatch ".*MSIE.*" \

         nokeepalive ssl-unclean-shutdown \

         downgrade-1.0 force-response-1.0

   </IfModule>

   <IfModule log_config_module>

      CustomLog /var/www/firstvirtualhost/logs/ssl_request_log \

         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

   </IfModule>

</VirtualHost>

</IfModule>

</IfDefine>

</IfDefine>
```

secondvirtualhost_vhost.include

```
ServerAdmin root@localhost

ServerName secondvirtualhost.com

DocumentRoot "/var/www/secondvirtualhost/htdocs"

<Directory "/var/www/secondvirtualhost/htdocs">

   Options Indexes FollowSymLinks

   AllowOverride All

   Allow from all

</Directory>

<IfModule alias_module>

   ScriptAlias /cgi-bin/ "/var/www/secondvirtualhost/cgi-bin/"

</IfModule>

<Directory "/var/www/secondvirtualhost/cgi-bin">

   AllowOverride None

   Options None

   Order allow,deny

   Allow from all

</Directory>
```

20_secondvirtualhost_vhost.conf

```
<VirtualHost *:80>

   Include /etc/apache2/vhosts.d/secondvirtualhost_vhost.include

   <IfModule mpm_peruser_module>

      ServerEnvironment apache apache

   </IfModule>

</VirtualHost>
```

20_secondvirtualhost_ssl_vhost.conf

```
<IfDefine SSL>

<IfDefine SSL_DEFAULT_VHOST>

<IfModule ssl_module>

<VirtualHost *:443>

   Include /etc/apache2/vhosts.d/secondvirtualhost_vhost.include

   ErrorLog /var/www/secondvirtualhost/logs/ssl_error_log

   <IfModule log_config_module>

      TransferLog /var/www/secondvirtualhost/logs/ssl_access_log

   </IfModule>

   SSLEngine on

   SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

   SSLCertificateFile /etc/apache2/ssl/server.crt

   SSLCertificateKeyFile /etc/apache2/ssl/server.key

   <FilesMatch "\.(cgi|shtml|phtml|php)$">

      SSLOptions +StdEnvVars

   </FilesMatch>

   <Directory "/var/www/secondvirtualhost/cgi-bin">

      SSLOptions +StdEnvVars

   </Directory>

   <IfModule setenvif_module>

      BrowserMatch ".*MSIE.*" \

         nokeepalive ssl-unclean-shutdown \

         downgrade-1.0 force-response-1.0

   </IfModule>

   <IfModule log_config_module>

      CustomLog /var/www/secondvirtualhost/logs/ssl_request_log \

         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

   </IfModule>

</VirtualHost>

</IfModule>

</IfDefine>

</IfDefine>
```

----------

## guttersnipe

Thanks for your responses.

I ended up emerging the latest apache2.  It came with new configuration files, so I just overwrote my old with the new ones with etc-update and -5.

I then was able to create the one file/site in the vhosts.d directory, and it works just fine.  Here's what I have now (note: I'm not going to bother posting SSL config files, as I don't use it):

```

# ls /etc/apache2/vhosts.d

00_default_ssl_vhost.conf  01_ampache_vhost.conf      default_vhost.include

00_default_vhost.conf      02_pixerch-0.8.vhost.conf

```

/etc/apache2/vhosts.d/00_default_vhost.conf

```

# Virtual Hosts

#

# If you want to maintain multiple domains/hostnames on your

# machine you can setup VirtualHost containers for them. Most configurations

# use only name-based virtual hosts so the server doesn't need to worry about

# IP addresses. This is indicated by the asterisks in the directives below.

#

# Please see the documentation at

# <URL:http://httpd.apache.org/docs/2.2/vhosts/>

# for further details before you try to setup virtual hosts.

#

# You may use the command line option '-S' to verify your virtual host

# configuration.

<IfDefine DEFAULT_VHOST>

# see bug #178966 why this is in here

# Listen: Allows you to bind Apache to specific IP addresses and/or

# ports, instead of the default. See also the <VirtualHost>

# directive.

#

# Change this to Listen on specific IP addresses as shown below to

# prevent Apache from glomming onto all bound IP addresses.

#

#Listen 12.34.56.78:80

Listen 80

# Use name-based virtual hosting.

NameVirtualHost *:80

# When virtual hosts are enabled, the main host defined in the default

# httpd.conf configuration will go away. We redefine it here so that it is

# still available.

#

# If you disable this vhost by removing -D DEFAULT_VHOST from

# /etc/conf.d/apache2, the first defined virtual host elsewhere will be

# the default.

<VirtualHost *:80>

        ServerName localhost

        Include /etc/apache2/vhosts.d/default_vhost.include

        <IfModule mpm_peruser_module>

                ServerEnvironment apache apache

        </IfModule>

</VirtualHost>

</IfDefine>

# vim: ts=4 filetype=apache

```

/etc/apache2/vhosts.d/default_vhost.include

```

# ServerAdmin: Your address, where problems with the server should be

# e-mailed.  This address appears on some server-generated pages, such

# as error documents.  e.g. admin@your-domain.com

ServerAdmin root@localhost

# DocumentRoot: The directory out of which you will serve your

# documents. By default, all requests are taken from this directory, but

# symbolic links and aliases may be used to point to other locations.

#

# If you change this to something that isn't under /var/www then suexec

# will no longer work.

DocumentRoot "/var/www/localhost/htdocs"

# This should be changed to whatever you set DocumentRoot to.

<Directory "/var/www/localhost/htdocs">

        # Possible values for the Options directive are "None", "All",

        # or any combination of:

        #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews

        #

        # Note that "MultiViews" must be named *explicitly* --- "Options All"

        # doesn't give it to you.

        #

        # The Options directive is both complicated and important.  Please see

        # http://httpd.apache.org/docs/2.2/mod/core.html#options

        # for more information.

        Options Indexes FollowSymLinks

        # AllowOverride controls what directives may be placed in .htaccess files.

        # It can be "All", "None", or any combination of the keywords:

        #   Options FileInfo AuthConfig Limit

        AllowOverride All

        # Controls who can get stuff from this server.

        Order allow,deny

        Allow from all

</Directory>

<IfModule alias_module>

        # Redirect: Allows you to tell clients about documents that used to

        # exist in your server's namespace, but do not anymore. The client

        # will make a new request for the document at its new location.

        # Example:

        #   Redirect permanent /foo http://www.example.com/bar

        # Alias: Maps web paths into filesystem paths and is used to

        # access content that does not live under the DocumentRoot.

        # Example:

        #   Alias /webpath /full/filesystem/path

        #

        # If you include a trailing / on /webpath then the server will

        # require it to be present in the URL.  You will also likely

        # need to provide a <Directory> section to allow access to

        # the filesystem path.

        # ScriptAlias: This controls which directories contain server scripts.

        # ScriptAliases are essentially the same as Aliases, except that

        # documents in the target directory are treated as applications and

        # run by the server when requested rather than as documents sent to the

        # client.  The same rules about trailing "/" apply to ScriptAlias

        # directives as to Alias.

        ScriptAlias /cgi-bin/ "/var/www/localhost/cgi-bin/"

</IfModule>

# "/var/www/localhost/cgi-bin" should be changed to whatever your ScriptAliased

# CGI directory exists, if you have that configured.

<Directory "/var/www/localhost/cgi-bin">

        AllowOverride None

        Options None

        Order allow,deny

        Allow from all

</Directory>

# vim: ts=4 filetype=apache

```

/etc/apache2/vhosts.d/01_ampache_vhost.conf

```

<VirtualHost *:80>

        ServerName ampache.guttersnipe.homelinux.net

        DocumentRoot "/var/www/ampache"

        <Directory "/var/www/ampache">

                AllowOverride all

                Order allow,deny

                Allow from all

        </Directory>

</VirtualHost>

```

/etc/apache2/vhosts.d/02_pixerch-0.8.vhost.conf

```

<VirtualHost *:80>

        ServerName pixerch.guttersnipe.homelinux.net

        DocumentRoot "/var/www/pixerch-0.8/htdocs"

        <Directory "/var/www/pixerch-0.8/htdocs">

                AllowOverride all

                Order allow,deny

                Allow from all

        </Directory>

</VirtualHost>

```

Again, that's for your support and for posting your configurations.

----------

## nessus11

Man, you guys are great.  I was getting so frustrated since I had somewhat of a time limit at work.  Thanks again and good karma to you.  Now, for the svn part..yikes..  :Smile: 

----------

## COiN3D

I just wanted to paste more than one virtual host in a config file, but Apache doesn't accept my second vhost, although it has completely correct syntax (exact the same like the virtual host that works, except for the directory and domain name). Do you have a similar problem?

----------

## nessus11

 *COiN3D wrote:*   

> I just wanted to paste more than one virtual host in a config file, but Apache doesn't accept my second vhost, although it has completely correct syntax (exact the same like the virtual host that works, except for the directory and domain name). Do you have a similar problem?

 

I tried doing the same thing by putting all my virtual host in one config file, but unfortunately, it didn't work.  I created a config file for each virtual host and it did work.

01_vhost1.conf

02_vhost2.conf

03_vhost3.conf

etc....

Hope this helps...

----------

## COiN3D

Solved it - but for what reason, I don't know why your configurations work for you guys! In my case I had to add another line called "ServerAlias".

Example:

```
<VirtualHost *:80>

        ServerName www.fwsearch.org

   ServerAlias fwsearch.org *.fwsearch.org

        DocumentRoot "/var/www/localhost/htdocs/fwsearch.org"

        <Directory "/var/www/localhost/htdocs/fwsearch.org">

                AllowOverride all

                Order allow,deny

                Allow from all

        </Directory>

</VirtualHost> 
```

----------

## chidychi

serveralias just lets you define different "names" or strings for the same virtual host.

www.example.org is different than www1.example.org or example..org

you don't need it if you only want traffic from specifically www.example.org going to your one virtual host

----------

## chidychi

 *Psychoman wrote:*   

> By browsing the gentoo fora and experimenting I have been aible to create a working apache-2.2.8 virtual host configuration with ssl.
> 
> It gives no errors when starting apache and behaves as expected.
> 
> default_vhost.include
> ...

 

Hey ,  Are you saying that your virtual hosts can be handled through ssl this way?   

I am trying to do that but it errors out saying 

```
 [warn] _default_ VirtualHost overlap on port 443, the first has precedence
```

when I try to access a virtual host securely it defaults back to my document root.

cheers

chi

----------

## nessus11

Here is my "howto" to force my site to use https.

So when I type in www.mydomain.com, it automatically goes to https://www.mydomain.com.  Accept the certificate first of course or click to continue to website if you are using IE7.  There's usually a message before accepting a digital certificate I think...

"Howto Virtual Hosting with SSL on Gentoo "  

Note:  You will need a working Gentoo box.  To setup Gentoo, go here.

http://www.gentoo.org/doc/en/index.xml?catid=install#doc_chap2

#    emerge -av apache 

The ebuild for apache I emerged: 

www-servers/apache-2.2.8 

Once installed, you will need to configure the following files: 

/etc/conf.d/apache2

Files will be configured or added in this directory depending on how many vhosts: 

/etc/apache2/vhost.d/ 

Now for the fun part. 

#    cd /etc/apache2/vhost.d/ 

These are my configuration files I came up with by looking at the examples from gentoo.org forums.  

I will force apache to point to https when my site is being requested so it will be using a secured line by way of ssl. 

(However for now, it will be using a certificate created from localhost with a 256bit encryption.  A certificate can be purchased from a Certificate Authority like Verisign, Go-Daddy, etc.  Verisign is one that holds 57% of the market regarding digital security certificates.) 

http://en.wikipedia.org/wiki/Certificate_authority

First edit /etc/apache/vhost.d/ 00_default_ssl_vhost.conf 

#     vi 00_default_ssl_vhost.conf 

Listen 443

NameVirtualHost *:443

<VirtualHost _default_:443>

        ServerName localhost

        Include /etc/apache2/vhosts.d/default_vhost.include

        ErrorLog /var/log/apache2/ssl_error_log 

        <IfModule log_config_module>

                TransferLog /var/log/apache2/ssl_access_log

        </IfModule> 

The line in bold letters is what was added. 

Now let us create our virtual hosts. 

#     vi  mydomain_vhost.include 

ServerAdmin root@localhost

ServerName www.mydomain.com

# DocumentRoot: The directory out of which you will serve your

# documents. By default, all requests are taken from this directory, but

# symbolic links and aliases may be used to point to other locations.

#

# If you change this to something that isn't under /var/www then suexec

# will no longer work.

DocumentRoot "/var/www/mydomain"

# This should be changed to whatever you set DocumentRoot to.

<Directory "/var/www/mydomain">

        # Possible values for the Options directive are "None", "All",

        # or any combination of:

        #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews

        #

        # Note that "MultiViews" must be named *explicitly* --- "Options All"

        # doesn't give it to you.

        #

        # The Options directive is both complicated and important.  Please see

        # http://httpd.apache.org/docs/2.2/mod/core.html#options

        # for more information.

        Options Indexes FollowSymLinks 

        # AllowOverride controls what directives may be placed in .htaccess files.

        # It can be "All", "None", or any combination of the keywords:

        #   Options FileInfo AuthConfig Limit

        AllowOverride All

        # Controls who can get stuff from this server.

        Order allow,deny

        Allow from all

</Directory> 

Now edit next config file which is 01_mydomain_ssl_vhost.conf. 

#    vi  01_mydomain_ssl_vhost.conf 

<VirtualHost *:443>

        ServerName localhost

Include /etc/apache2/vhosts.d/mydomain_vhost.include

        ErrorLog /var/log/apache2/ssl_error_log 

        <IfModule log_config_module>

                TransferLog /var/log/apache2/ssl_access_log

        </IfModule> 

        ## SSL Engine Switch:

        # Enable/Disable SSL for this virtual host.

        SSLEngine on 

        ## SSL Cipher Suite:

        # List the ciphers that the client is permitted to negotiate.

        # See the mod_ssl documentation for a complete list.

        SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL 

        ## Server Certificate:

        # Point SSLCertificateFile at a PEM encoded certificate. If the certificate

        # is encrypted, then you will be prompted for a pass phrase. Note that a

        # kill -HUP will prompt again. Keep in mind that if you have both an RSA

        # and a DSA certificate you can configure both in parallel (to also allow

        # the use of DSA ciphers, etc.)

        SSLCertificateFile /etc/apache2/ssl/server.crt 

Last file to configure which is 01_mydomain_vhost.conf. 

#    vi  01_mydomain_vhost.conf 

<VirtualHost *:80>

Include /etc/apache2/vhosts.d/mydomain_vhost.include 

        <IfModule mpm_peruser_module>

                ServerEnvironment apache apache

        </IfModule> 

<Location />

RedirectMatch 301 (.*)$ https://www.mydomain.com$1

</Location>

</VirtualHost>

</IfDefine> 

# vim: ts=4 filetype=apache

~ 

You can repeat the same steps with your next virtual host.  Just don't forget to number them differently and point apache to the correct file for each virtual host. 

02_mydomain2_vhost.d.conf 

02_mydomian2_ssl_vhosht.d.conf 

mydomain2_vhost.d.inlucde 

Hope this helps.

----------

## Psychoman

 *chidychi wrote:*   

> Hey ,  Are you saying that your virtual hosts can be handled through ssl this way?

 

That's what it does yes.

Note that the protocol can't handle name based virtual hosts over ssl,

so the same certificate is used for all virtual hosts.

Not extremely secure but better then nothing ...

Note that, although it is working, I get some warnings:

```
[warn] Init: SSL server IP/port conflict: virtual_host1:443 (/etc/apache2/vhosts.d/10_virtual_host1_ssl_vhost.conf:12) vs. virtual_host2:443 (/etc/apache2/vhosts.d/20_virtual_host2_ssl_vhost.conf:11)

[warn] Init: SSL server IP/port conflict: localhost:443 (/etc/apache2/vhosts.d/00_default_ssl_vhost.conf:11) vs. virtual_host2:443 (/etc//apache2/vhosts.d/20_virtual_host2_ssl_vhost.conf:11

[warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
```

----------

