--000e0cd11ae071d429047ac65161
Content-Type: text/plain; charset=ISO-8859-1

I have a single webserver (1 IP) to which many DNS entries point to. Up
till now I've haven't needed SSL and the following config pattern has worked
fine for me:

<VirtualHost *>
ServerName foo.mysite.com
....
</VirtualHost>

<VirtualHost *>
ServerName bar.mysite.com
....
</VirtualHost>


However, when I added SSL to to foo.mysite.com, the config had to become:
<VirtualHost foo.mysite.com:443>
....SSLStuff

In the meantime non-HTTPS traffic to foo.mysite.com worked fine except that
the Alias directives did not work. So I realized the problem (the port was
only for 443) and changed the config to:
<VirtualHost foo.mysite.com:80 foo.mysite.com:443>

But this has the unwanted effect of returning 400 Bad Request to HTTP
traffic for foo.mysite.com, with this message:
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.

So my question is, how do I configure the VirtualHost to allow HTTP traffic
(port 80) and HTTPS traffic (443)?

--000e0cd11ae071d429047ac65161
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

I have a single webserver (1 IP) to which many DNS entries point to.=A0 Up =
till now I've haven't needed SSL and the following config pattern h=
as worked fine for me:<br><br><VirtualHost *><br>ServerName <a href=
=3D"http://foo.mysite.com">foo.mysite.com</a><br>
....<br></VirtualHost><br><br><VirtualHost *><br>ServerName <a h=
ref=3D"http://bar.mysite.com">bar.mysite.com</a><br>...<br></VirtualHost=
><br><br><br>However, when I added SSL to to <a href=3D"http://foo.mysit=
e.com">foo.mysite.com</a>, the config had to become:<br>
<VirtualHost <a href=3D"http://foo.mysite.com:443">foo.mysite.com:443</a=
>><br>...SSLStuff<br><br>In the meantime non-HTTPS traffic to <a href=3D=
"http://foo.mysite.com">foo.mysite.com</a> worked fine except that the Alia=
s directives did not work.=A0 So I realized the problem (the port was only =
for 443) and changed the config to:<br>
<VirtualHost <a href=3D"http://foo.mysite.com:80">foo.mysite.com:80</a> =
<a href=3D"http://foo.mysite.com:443">foo.mysite.com:443</a>><br><br>But=
this has the unwanted effect of returning 400 Bad Request to HTTP traffic =
for <a href=3D"http://foo.mysite.com">foo.mysite.com</a>, with this message=
:<br>
Your browser sent a request that this server could not understand.<br>
Reason: You're speaking plain HTTP to an SSL-enabled server port.<br>
Instead use the HTTPS scheme to access this URL, please.<br><br>So my quest=
ion is, how do I configure the VirtualHost to allow HTTP traffic (port 80) =
and HTTPS traffic (443)?<br>

--000e0cd11ae071d429047ac65161--

On Tue, Dec 15, 2009 at 10:48 AM, Jonathan Mast
<jhmast.developer [at] gmail.com> wrote:
> So my question is, how do I configure the VirtualHost to allow HTTP traffic
> (port 80) and HTTPS traffic (443)?

You need two virtualhosts, one with SSL and one without. If you want
everything other than SSL to be common, use Include to source a common
config.

I'd suggest *:80 and *:443 until you have to actually discriminate
based on the local IP address. If you need to discriminate based on
hostname requested for non-SSL, add NameVirtualHost *:80.

--
Eric Covener
covener [at] gmail.com

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

--000e0cd1a8cc2a5228047ac70141
Content-Type: text/plain; charset=ISO-8859-1

I'm thinking that the host name actually is required in the VirtualHost
declaration.

But the 2 separate VirtualHost entries worked, thanks

On Tue, Dec 15, 2009 at 10:53 AM, Eric Covener <covener [at] gmail.com> wrote:

> On Tue, Dec 15, 2009 at 10:48 AM, Jonathan Mast
> <jhmast.developer [at] gmail.com> wrote:
> > So my question is, how do I configure the VirtualHost to allow HTTP
> traffic
> > (port 80) and HTTPS traffic (443)?
>
> You need two virtualhosts, one with SSL and one without. If you want
> everything other than SSL to be common, use Include to source a common
> config.
>
> I'd suggest *:80 and *:443 until you have to actually discriminate
> based on the local IP address. If you need to discriminate based on
> hostname requested for non-SSL, add NameVirtualHost *:80.
>
> --
> Eric Covener
> covener [at] gmail.com
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
> " from the digest: users-digest-unsubscribe [at] httpd.apache.org
> For additional commands, e-mail: users-help [at] httpd.apache.org
>
>

--000e0cd1a8cc2a5228047ac70141
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

I'm thinking that the host name actually is required in the VirtualHost=
declaration. <br><br>But the 2 separate VirtualHost entries worked, thanks=
<br><br><div class=3D"gmail_quote">On Tue, Dec 15, 2009 at 10:53 AM, Eric C=
ovener <span dir=3D"ltr"><<a href=3D"mailto:covener [at] gmail.com">covener [at] g=
mail.com</a>></span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"border-left: 1px solid rgb(204, =
204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div class=3D"im"=
>On Tue, Dec 15, 2009 at 10:48 AM, Jonathan Mast<br>
<<a href=3D"mailto:jhmast.developer [at] gmail.com">jhmast.developer [at] gmail.co=
m</a>> wrote:<br>
> So my question is, how do I configure the VirtualHost to allow HTTP tr=
affic<br>
> (port 80) and HTTPS traffic (443)?<br>
<br>
</div>You need two virtualhosts, one with SSL and one without. If you want<=
br>
everything other than SSL to be common, use Include to source a common<br>
config.<br>
<br>
I'd suggest *:80 and *:443 until you have to actually discriminate<br>
based on the local IP address. If you need to discriminate based on<br>
hostname requested for non-SSL, add NameVirtualHost *:80.<br>
<br>
--<br>
Eric Covener<br>
<a href=3D"mailto:covener [at] gmail.com">covener [at] gmail.com</a><br>
<br>
------------------------------------------------------------ ---------<br>
The official User-To-User support forum of the Apache HTTP Server Project.<=
br>
See <URL:<a href=3D"http://httpd.apache.org/userslist.html" target=3D"_b=
lank">http://httpd.apache.org/userslist.html</a>> for more info.<br>
To unsubscribe, e-mail: <a href=3D"mailto:users-unsubscribe [at] httpd.apache.or=
g">users-unsubscribe [at] httpd.apache.org</a><br>
=A0 " =A0 from the digest: <a href=3D"mailto:users-digest-unsubscribe=
[at] httpd.apache.org">users-digest-unsubscribe [at] httpd.apache.org</a><br>
For additional commands, e-mail: <a href=3D"mailto:users-help [at] httpd.apache.=
org">users-help [at] httpd.apache.org</a><br>
<br>
</blockquote></div><br>

--000e0cd1a8cc2a5228047ac70141--

On Tue, Dec 15, 2009 at 5:37 PM, Jonathan Mast
<jhmast.developer [at] gmail.com> wrote:
> I'm thinking that the host name actually is required in the VirtualHost

No it is not required.

A hostname in a VirtualHost directive is internally converted to an IP
address and only needed if this VirtualHost needs to be bound to a
particular IP on a multi homed host. In most practical scenarios
having *:443 and *:80 in your VirtuaHost direcives is perfectly
adequate.

Krist

--
krist.vanbesien [at] gmail.com
krist [at] vanbesien.org
Bremgarten b. Bern, Switzerland
--
A: It reverses the normal flow of conversation.
Q: What's wrong with top-posting?
A: Top-posting.
Q: What's the biggest scourge on plain text email discussions?

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe [at] httpd.apache.org
" from the digest: users-digest-unsubscribe [at] httpd.apache.org
For additional commands, e-mail: users-help [at] httpd.apache.org

DQoNCi0tLS0tIE9yaWdpbmFsIE1lc3NhZ2UgLS0tLS0NCkZyb206IEtyaXN0 IHZhbiBCZXNpZW4g
PGtyaXN0LnZhbmJlc2llbkBnbWFpbC5jb20+DQpUbzogdXNlcnNAaHR0cGQu YXBhY2hlLm9yZyA8
dXNlcnNAaHR0cGQuYXBhY2hlLm9yZz4NClNlbnQ6IFdlZCBEZWMgMTYgMDc6 MTc6NDMgMjAwOQ0K
U3ViamVjdDogUmU6IFt1c2Vyc0BodHRwZF0gRW5hYmxpbmcgU1NMIG9uIGEg dmlydHVhbCBob3N0
DQoNCk9uIFR1ZSwgRGVjIDE1LCAyMDA5IGF0IDU6MzcgUE0sIEpvbmF0aGFu IE1hc3QNCjxqaG1h
c3QuZGV2ZWxvcGVyQGdtYWlsLmNvbT4gd3JvdGU6DQo+IEknbSB0aGlua2lu ZyB0aGF0IHRoZSBo
b3N0IG5hbWUgYWN0dWFsbHkgaXMgcmVxdWlyZWQgaW4gdGhlIFZpcnR1YWxI b3N0DQoNCk5vIGl0
IGlzIG5vdCByZXF1aXJlZC4NCg0KQSBob3N0bmFtZSBpbiBhIFZpcnR1YWxI b3N0IGRpcmVjdGl2
ZSBpcyBpbnRlcm5hbGx5IGNvbnZlcnRlZCB0byBhbiBJUA0KYWRkcmVzcyBh bmQgb25seSBuZWVk
ZWQgaWYgdGhpcyBWaXJ0dWFsSG9zdCBuZWVkcyB0byBiZSBib3VuZCB0byBh DQpwYXJ0aWN1bGFy
IElQIG9uIGEgbXVsdGkgaG9tZWQgaG9zdC4gSW4gbW9zdCBwcmFjdGljYWwg c2NlbmFyaW9zDQpo
YXZpbmcgKjo0NDMgYW5kICo6ODAgaW4geW91ciBWaXJ0dWFIb3N0IGRpcmVj aXZlcyBpcyBwZXJm
ZWN0bHkNCmFkZXF1YXRlLg0KDQpLcmlzdA0KDQotLQ0Ka3Jpc3QudmFuYmVz aWVuQGdtYWlsLmNv
bQ0Ka3Jpc3RAdmFuYmVzaWVuLm9yZw0KQnJlbWdhcnRlbiBiLiBCZXJuLCBT d2l0emVybGFuZA0K
LS0NCkE6IEl0IHJldmVyc2VzIHRoZSBub3JtYWwgZmxvdyBvZiBjb252ZXJz YXRpb24uDQpROiBX
aGF0J3Mgd3Jvbmcgd2l0aCB0b3AtcG9zdGluZz8NCkE6IFRvcC1wb3N0aW5n Lg0KUTogV2hhdCdz
IHRoZSBiaWdnZXN0IHNjb3VyZ2Ugb24gcGxhaW4gdGV4dCBlbWFpbCBkaXNj dXNzaW9ucz8NCg0K
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tDQpUaGUgb2ZmaWNpYWwgVXNlci1Uby1Vc2VyIHN1cHBv cnQgZm9ydW0gb2Yg
dGhlIEFwYWNoZSBIVFRQIFNlcnZlciBQcm9qZWN0Lg0KU2VlIDxVUkw6aHR0 cDovL2h0dHBkLmFw
YWNoZS5vcmcvdXNlcnNsaXN0Lmh0bWw+IGZvciBtb3JlIGluZm8uDQpUbyB1 bnN1YnNjcmliZSwg
ZS1tYWlsOiB1c2Vycy11bnN1YnNjcmliZUBodHRwZC5hcGFjaGUub3JnDQog ICAiICAgZnJvbSB0
aGUgZGlnZXN0OiB1c2Vycy1kaWdlc3QtdW5zdWJzY3JpYmVAaHR0cGQuYXBh Y2hlLm9yZw0KRm9y
IGFkZGl0aW9uYWwgY29tbWFuZHMsIGUtbWFpbDogdXNlcnMtaGVscEBodHRw ZC5hcGFjaGUub3Jn
DQoNCg0KVFJBVkVMIEJVRyBFRkZFQ1Q6IENyYXZpbmcgZm9yIGEgQ2hhbGxl bmdlDQpNYW4gVi4g
Rm9vZCwgV2VkbmVzZGF5cyBhdCAxMFBNIEUvUA0KQ0FUQ0ggSVQgIHwgIHRy YXZlbGNoYW5uZWwu
Y29tDQo=

DQoNCi0tLS0tIE9yaWdpbmFsIE1lc3NhZ2UgLS0tLS0NCkZyb206IEtyaXN0 IHZhbiBCZXNpZW4g
PGtyaXN0LnZhbmJlc2llbkBnbWFpbC5jb20+DQpUbzogdXNlcnNAaHR0cGQu YXBhY2hlLm9yZyA8
dXNlcnNAaHR0cGQuYXBhY2hlLm9yZz4NClNlbnQ6IFdlZCBEZWMgMTYgMDc6 MTc6NDMgMjAwOQ0K
U3ViamVjdDogUmU6IFt1c2Vyc0BodHRwZF0gRW5hYmxpbmcgU1NMIG9uIGEg dmlydHVhbCBob3N0
DQoNCk9uIFR1ZSwgRGVjIDE1LCAyMDA5IGF0IDU6MzcgUE0sIEpvbmF0aGFu IE1hc3QNCjxqaG1h
c3QuZGV2ZWxvcGVyQGdtYWlsLmNvbT4gd3JvdGU6DQo+IEknbSB0aGlua2lu ZyB0aGF0IHRoZSBo
b3N0IG5hbWUgYWN0dWFsbHkgaXMgcmVxdWlyZWQgaW4gdGhlIFZpcnR1YWxI b3N0DQoNCk5vIGl0
IGlzIG5vdCByZXF1aXJlZC4NCg0KQSBob3N0bmFtZSBpbiBhIFZpcnR1YWxI b3N0IGRpcmVjdGl2
ZSBpcyBpbnRlcm5hbGx5IGNvbnZlcnRlZCB0byBhbiBJUA0KYWRkcmVzcyBh bmQgb25seSBuZWVk
ZWQgaWYgdGhpcyBWaXJ0dWFsSG9zdCBuZWVkcyB0byBiZSBib3VuZCB0byBh DQpwYXJ0aWN1bGFy
IElQIG9uIGEgbXVsdGkgaG9tZWQgaG9zdC4gSW4gbW9zdCBwcmFjdGljYWwg c2NlbmFyaW9zDQpo
YXZpbmcgKjo0NDMgYW5kICo6ODAgaW4geW91ciBWaXJ0dWFIb3N0IGRpcmVj aXZlcyBpcyBwZXJm
ZWN0bHkNCmFkZXF1YXRlLg0KDQpLcmlzdA0KDQotLQ0Ka3Jpc3QudmFuYmVz aWVuQGdtYWlsLmNv
bQ0Ka3Jpc3RAdmFuYmVzaWVuLm9yZw0KQnJlbWdhcnRlbiBiLiBCZXJuLCBT d2l0emVybGFuZA0K
LS0NCkE6IEl0IHJldmVyc2VzIHRoZSBub3JtYWwgZmxvdyBvZiBjb252ZXJz YXRpb24uDQpROiBX
aGF0J3Mgd3Jvbmcgd2l0aCB0b3AtcG9zdGluZz8NCkE6IFRvcC1wb3N0aW5n Lg0KUTogV2hhdCdz
IHRoZSBiaWdnZXN0IHNjb3VyZ2Ugb24gcGxhaW4gdGV4dCBlbWFpbCBkaXNj dXNzaW9ucz8NCg0K
LS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0t LS0tLS0tLS0tLS0t
LS0tLS0tLS0tLS0tDQpUaGUgb2ZmaWNpYWwgVXNlci1Uby1Vc2VyIHN1cHBv cnQgZm9ydW0gb2Yg
dGhlIEFwYWNoZSBIVFRQIFNlcnZlciBQcm9qZWN0Lg0KU2VlIDxVUkw6aHR0 cDovL2h0dHBkLmFw
YWNoZS5vcmcvdXNlcnNsaXN0Lmh0bWw+IGZvciBtb3JlIGluZm8uDQpUbyB1 bnN1YnNjcmliZSwg
ZS1tYWlsOiB1c2Vycy11bnN1YnNjcmliZUBodHRwZC5hcGFjaGUub3JnDQog ICAiICAgZnJvbSB0
aGUgZGlnZXN0OiB1c2Vycy1kaWdlc3QtdW5zdWJzY3JpYmVAaHR0cGQuYXBh Y2hlLm9yZw0KRm9y
IGFkZGl0aW9uYWwgY29tbWFuZHMsIGUtbWFpbDogdXNlcnMtaGVscEBodHRw ZC5hcGFjaGUub3Jn
DQoNCg0KVFJBVkVMIEJVRyBFRkZFQ1Q6IENyYXZpbmcgZm9yIGEgQ2hhbGxl bmdlDQpNYW4gVi4g
Rm9vZCwgV2VkbmVzZGF5cyBhdCAxMFBNIEUvUA0KQ0FUQ0ggSVQgIHwgIHRy YXZlbGNoYW5uZWwu
Y29tDQo=