jdk Posted November 10, 2008 Report Share Posted November 10, 2008 First, thank you for sharing Uniform Server. It is great! I have used Uniform Server to set up 5 Joomla powered sites on one IP address using name based virtualhosts. I am attempting to set it up so that the sites are served via port 80, but allow login and administrator (backend) access via ssl port 443. I have read and followed the example on the wiki. I installed mod_ssl using the file posted. I edited httpd.conf to specify that the virtualhosts use port 80 by appending ":80" to each virtualhost. I edited ssl.conf using the examples provided, removing the default_secure virtualhost, and adding virtualhosts for each of my sites. I comented out Require valid-user for each. My problem: When I try to access the first virtualhost site via ssl, I am taken to the login for the second site's login page. I would be most appreciative for any input. Thanks, JMy ssl.conf looks like this: ===================================================================== #################### Global SSL ##########################Listen 443#== Some MIME-types for downloading Certificates and CRLsAddType application/x-x509-ca-cert .crtAddType application/x-pkcs7-crl .crl #== Pass Phrase Dialog:(`builtin' is a internal terminal dialog)SSLPassPhraseDialog builtin #== Inter-Process Session Cache: ##SSLSessionCache none##SSLSessionCacheTimeout 300 SSLSessionCache shmcb:logs/ssl_scache(512000)SSLSessionCacheTimeout 300 #== SSL engine uses internally for inter-process synchronization. SSLMutex default #== Pseudo Random Number Generator (PRNG): SSLRandomSeed startup builtinSSLRandomSeed connect builtin ########### SSL Virtual Host ############################ NameVirtualHost domain:443 <VirtualHost domain:443> ServerName domainDocumentRoot /www/folder1ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder1"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory> #== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> ############################################################## NameVirtualHost site2.domain:443 <VirtualHost site2.domain:443> ServerName site2.domainDocumentRoot /www/folder1ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder2"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory> #== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> ############################################################## NameVirtualHost site3.domain:443 <VirtualHost site3.domain:443> ServerName site3.domainDocumentRoot /www/folder3ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder3"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory> #== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> ========================================================================================== ############################################################## NameVirtualHost site4.domain:443 <VirtualHost site4.domain:443> ServerName site4.domainDocumentRoot /www/folder4ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder4"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory> #== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost>==============================================================================############################################################## NameVirtualHost site5.domain:443 <VirtualHost site5.domain:443> ServerName site5.domainDocumentRoot /www/folder5ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder5"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory> #== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </VirtualHost> ======================================================= Quote Link to comment Share on other sites More sharing options...
jdk Posted November 10, 2008 Author Report Share Posted November 10, 2008 Problem solved. I inserted a virtualhost directive first in the list for default_secure. Now, I am running my Joomla sites over port 80 with users and administrators l9ogging in ssl port 443. If you took the time to read this - please accept my apology for taking up your time. I am bumbling through this and slowly learning. Cheers!! J First, thank you for sharing Uniform Server. It is great! I have used Uniform Server to set up 5 Joomla powered sites on one IP address using name based virtualhosts. I am attempting to set it up so that the sites are served via port 80, but allow login and administrator (backend) access via ssl port 443. I have read and followed the example on the wiki. I installed mod_ssl using the file posted. I edited httpd.conf to specify that the virtualhosts use port 80 by appending ":80" to each virtualhost. I edited ssl.conf using the examples provided, removing the default_secure virtualhost, and adding virtualhosts for each of my sites. I comented out Require valid-user for each. My problem: When I try to access the first virtualhost site via ssl, I am taken to the login for the second site's login page. I would be most appreciative for any input. Thanks, JMy ssl.conf looks like this: ===================================================================== #################### Global SSL ##########################Listen 443#== Some MIME-types for downloading Certificates and CRLsAddType application/x-x509-ca-cert .crtAddType application/x-pkcs7-crl .crl #== Pass Phrase Dialog:(`builtin' is a internal terminal dialog)SSLPassPhraseDialog builtin #== Inter-Process Session Cache: ##SSLSessionCache none##SSLSessionCacheTimeout 300 SSLSessionCache shmcb:logs/ssl_scache(512000)SSLSessionCacheTimeout 300 #== SSL engine uses internally for inter-process synchronization. SSLMutex default #== Pseudo Random Number Generator (PRNG): SSLRandomSeed startup builtinSSLRandomSeed connect builtin########### SSL Virtual Host ############################ NameVirtualHost domain:443 <VirtualHost domain:443> ServerName domainDocumentRoot /www/folder1ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder1"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory>#== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</VirtualHost> ############################################################## NameVirtualHost site2.domain:443 <VirtualHost site2.domain:443> ServerName site2.domainDocumentRoot /www/folder1ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder2"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory>#== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</VirtualHost> ############################################################## NameVirtualHost site3.domain:443 <VirtualHost site3.domain:443> ServerName site3.domainDocumentRoot /www/folder3ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder3"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory>#== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</VirtualHost> ========================================================================================== ############################################################## NameVirtualHost site4.domain:443 <VirtualHost site4.domain:443> ServerName site4.domainDocumentRoot /www/folder4ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder4"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory>#== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</VirtualHost>==============================================================================############################################################## NameVirtualHost site5.domain:443 <VirtualHost site5.domain:443> ServerName site5.domainDocumentRoot /www/folder5ServerAdmin you@example.com ErrorLog logs/error_ssl.logTransferLog logs/access_ssl.log #== SSL Engine Switch:SSLEngine on #== SSL Cipher Suite:SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULLSSLProtocol all -SSLv2 #== Server Certificate:SSLCertificateFile conf/ssl.crt/server.crt #== Server Private Key:SSLCertificateKeyFile conf/ssl.key/server.key # This enables optimized SSL connection renegotiation handling when SSL# directives are used in per-directory context. #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire<FilesMatch "\.(cgi|shtml|phtml|php3?)$"> SSLOptions +StdEnvVars</FilesMatch> <Directory "/home/admin/www/cgi-bin/"> SSLOptions +StdEnvVars</Directory> #== Basic authentication <Directory "/www/folder5"> AuthName "Uniform Server - Unicenter Demo Server Access" AuthType Basic AuthUserFile /htpasswd/modsslpass/.htpasswd #Require valid-user</Directory>#== Most problems of broken clients are related to the HTTP# keep-alive facility. Disable keep-alive for those clients.SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 #== Per-Server Logging:# The home of a custom SSL log file. Use this when you want a# compact non-error SSL logfile on a virtual host basis.CustomLog logs/ssl_request.log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</VirtualHost> ======================================================= Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.