[TriLUG] serving multiple HTTPS sites on same server with redirection

Blackburn, Marvin mblackburn at glenraven.com
Mon May 20 09:48:54 EDT 2013


The problem is that we have to have several https sites, each requiring their own certificate which in turn requires them to each have its own IP address.
We redirect 80->8080 and 443->8443.  But when we use ip aliasing to get the extra IP addresses, the redirection doesn't work correctly.  We use the redirection to avoid the privileged ports and this gives the web admin more control of his environment.

We are looking into David Brain's suggestion of SNI; however this will require to change our stack and some procedures; however, if it works, then it should resolve our problem (or at least we think it will).

-----Original Message-----
From: trilug-bounces at trilug.org [mailto:trilug-bounces at trilug.org] On Behalf Of Aaron Joyner
Sent: Sunday, May 12, 2013 11:14 PM
To: Triangle Linux Users Group General Discussion
Subject: Re: [TriLUG] serving multiple HTTPS sites on same server with redirection

Hi Marvin,

I'm a bit perplexed about what your goal is?  I read over your rules, and
it seems like you're trying to use 'iptables' when what you really want is
another 'Listen' stanza(s) in your apache config?  Can you clarify why you
want Apache to listen to two sets of ports on two IPs on the same machine,
and why 4 Listen stanzas isn't the right choice for that?

Listen 80
Listen 8080
Listen 443
Listen 8443

(Of course, they may need to exist inside the appropriate / separate
<VirtualHost> directives.)

For more info:
http://httpd.apache.org/docs/2.2/bind.html

Aaron S. Joyner







More information about the TriLUG mailing list