RE: Enable/disable SSL in virutal hosts

Hi Mike,

Thanks for the information.  You've provided more information than most
posters, including corroboration that the server is reading the
configuration file.

Unfortunately, as best I can tell, you haven't indicated what exactly isn't
working.

Is it that when you visit the DocumentRoot, SSL is invoked?

Or is it when you visit /admin, SSL is not invoked?

Or is it something else not working?

Additionally, it would be helpful if you paste in the entire configuration
file (not just an excerpt).

One thing that catches my eye is immediately is that directories are
normally declared outside the virtual hosts sections and then Alias'd in.
I'd need to see the whole configuration file to get context on what you're
doing.

Best regards and happy new year!

Dave.

-----Original Message-----
From: owner-modssl-users@xxxxxxxxxx
[mailto:owner-modssl-users@xxxxxxxxxx]On Behalf Of Mike Fratto
Sent: Friday, December 31, 2004 6:41 PM
To: modssl-users@xxxxxxxxxx
Subject: Enable/disable SSL in virutal hosts


I am trying to configure apache 1.3.33 with modssl2.8.22-1.3.33 on a virual
host but only for a specific directory. I have SSL working for the doc root
for various virtual hosts. I have read through the mod_ssl docs, and
O'Reilly's Apache guide, but I haven't been able to get it to work.

Specifically, for the servername sam, when a browser hits the DocumentRoot,
I want to ensure that SSL is not invoked (just for performance reasons) but
when a user hits /admin, then SSL must be invoked. I have tried various
tweaks to no avail (the virtual host section is below). I know that I am
using the correct httpd.conf file because when I fat finger a directive, and
stop and start apache, I get an error. Changes to SSLEngine off|on seem to
have no effect.

Any ideas, thanks.


NameVirtualHost 192.168.10.50:80



# Disable SSL first
SSLEngine off

<VirtualHost 192.168.10.50:80>
        SSLEngine off
        ServerAdmin root@localhost
        DocumentRoot /www/htdocs
        ServerName storage
        ErrorLog logs/error_log
        CustomLog logs/access_log combined
</VirtualHost>

<VirtualHost 192.168.10.50:80>
        SSLEngine off
        ServerAdmin root@localhost
        DocumentRoot /www/sam
        ServerName sam
        ErrorLog logs/sam_error_log
        CustomLog logs/sam_access_log combined
</VirtualHost>

<VirtualHost 192.168.10.50:443>
        SSLEngine on
        ServerName sam
        DocumentRoot /www/sam
        SSLCertificateFile /www/conf/ssl.crt/sam.cert
        SSLCertificateKeyFile /www/conf/ssl.key/sam.key
        SSLVerifyClient 0
        ErrorLog logs/sam_error_log
        CustomLog logs/sam_access_log combined

        <Directory "/www/sam/admin">
                SSLRequireSSL
                SSLOptions +StrictRequire
#               AuthType basic
#               AuthName admin
#               AuthUserFile /www/auth/admin-users
#               AuthGroupFile /www/auth/groups
#               require valid-user
        </Directory>
</VirtualHost>

<VirtualHost 192.168.10.50:80>
        SSLDisable
        ServerAdmin root@localhost
        DocumentRoot /www/mike
        ServerName mike
        ErrorLog logs/mike_error_log
        CustomLog logs/mike_access_log combined
</VirtualHost>

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@xxxxxxxxxx
Automated List Manager                            majordomo@xxxxxxxxxx


______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@xxxxxxxxxx
Automated List Manager                            majordomo@xxxxxxxxxx