[ic] Multiple catalogs with single VirtualHost
William Carr
bill at bottlenose-wine.com
Wed Apr 16 14:11:02 UTC 2014
On Apr 14, 2014, at 7:55 PM, Peter <peter at pajamian.dhs.org> wrote:
> On 04/10/2014 04:09 AM, William Carr wrote:
>> Is it possible to have multiple catalogs with a single apache virtual
>> host like follows?
>>
>> apache.conf
>>
>> <VirtualHost *:443>
>> ServerAlias site1.domain.com
>> ServerAlias site2.domain.com
>> </VirtualHost>
>>
>> catalog.cfg
>>
>> Catalog site1 /www/site1/ic site1.domain.com
>> Catalog site2 /www/site2/ic site2.domain.com
>>
>> I am trying to serve up multiple interchange catalogs with a single
>> wildcard certificate for the domain *.bottlenose-wine.com.
>
> You can also use separate virtualhost containers using name-based
> virtual hosts with the same wildcard certificate in each. It will work
> in spite of what you read about not being able to use name based virtual
> hosts with TLS. What will happen is the cert will be pulled from the
> first virtualhost container for that IP address and once TLS has been
> negotiated the httpd session will start and the correct virtual host
> container will be picked based on the "Host" header.
Thanks for the feedback. Very helpful.
Consider this setup...
<VirtualHost *:80>
ServerName www.millroadwines.com
...
</VirtualHost>
<VirtualHost *:443>
ServerName millroadwines.bottlenose-wine.com
SSLCertificateFile bottlenose-wine.com.crt (wilcard cert for *.bottlenose-wine.com)
...
</VirtualHost>
This almost gets to where we want to be but how do we know what our session is going from 80 to 443 and vice versa? Over the years I've been removing the id parameter from my URLs thinking someday I'd think about preventing session hijacking.
Bill Carr, President at Bottlenose
(413) 584-0400
http://www.bottlenose-wine.com
More information about the interchange-users
mailing list