apachesslhttpsopensslvirtualhost

How to configure SSL in Apache

How to configure SSL in apache webserver for both frontend and backend of yii2 project having the same IP but different port numbers and DocumentRoot?

Below is how I have tried but it's only work for whatever virtualHost block I start with.

I am using centOS 7

in ssl.conf file

<VirtualHost 192.168.12.125:443>
    ServerName test.mydomain.co.tz
    DocumentRoot /var/www/html/tan_web/frontend/web
    SSLEngine on
    SSLCertificateFile /var/www/html/tan_web/sslDocs/mail_tanesco_co_tz.crt
    SSLCertificateKeyFile /var/www/html/tan_web/sslDocs/test_tanesco_co_tz.key
    SSLCertificateChainFile /var/www/html/tan_web/sslDocs/DigiCertCA.crt
</VirtualHost>

<VirtualHost 192.168.12.125:443>
    ServerName test.mydomain.co.tz:8080
    DocumentRoot /var/www/html/tan_web/backend/web
    SSLEngine on
    SSLCertificateFile /var/www/html/tan_web/sslDocs/mail_tanesco_co_tz.crt
    SSLCertificateKeyFile /var/www/html/tan_web/sslDocs/test_tanesco_co_tz.key
    SSLCertificateChainFile /var/www/html/tan_web/sslDocs/DigiCertCA.crt
</VirtualHost>

and in httpd.conf

<VirtualHost 192.168.12.125:80>
    ServerAdmin admin@mydomain.co.tz
    ServerName test.mydomain.co.tz:80
    DocumentRoot /var/www/html/tan_web/frontend/web
    Redirect permanent / https://test.mydomain.co.tz/
</VirtualHost>

<VirtualHost 192.168.12.125:8080>
    ServerAdmin admin@mydomain.co.tz
    ServerName test.mydomain.co.tz:8080
    DocumentRoot /var/www/html/tan_web/backend/web
    Redirect permanent / https://test.mydomain.co.tz:8080/
</VirtualHost>

Anyone to help, I have stacked here for some days. Thank you.

Solution

  • in virtualhost, you should have a unique combination of ipaddress and port. for example in the second block, change it from 443 to 8443

    <VirtualHost 192.168.12.125:443>
    ServerName test.mydomain.co.tz
    DocumentRoot /var/www/html/tan_web/frontend/web
    SSLEngine on
    SSLCertificateFile /var/www/html/tan_web/sslDocs/mail_tanesco_co_tz.crt
    SSLCertificateKeyFile /var/www/html/tan_web/sslDocs/test_tanesco_co_tz.key
    SSLCertificateChainFile /var/www/html/tan_web/sslDocs/DigiCertCA.crt
</VirtualHost>

<VirtualHost 192.168.12.125:8443> <!-- Change the port here -->
    ServerName test.mydomain.co.tz:8080
    DocumentRoot /var/www/html/tan_web/backend/web
    SSLEngine on
    SSLCertificateFile /var/www/html/tan_web/sslDocs/mail_tanesco_co_tz.crt
    SSLCertificateKeyFile /var/www/html/tan_web/sslDocs/test_tanesco_co_tz.key
    SSLCertificateChainFile /var/www/html/tan_web/sslDocs/DigiCertCA.crt
</VirtualHost>

    in httpd.conf, the http traffic has to be directed to the relevant ports:

    <VirtualHost 192.168.12.125:80>
    ServerAdmin admin@mydomain.co.tz
    ServerName test.mydomain.co.tz:80
    DocumentRoot /var/www/html/tan_web/frontend/web
    Redirect permanent / https://test.mydomain.co.tz/
</VirtualHost>

<VirtualHost 192.168.12.125:8080>
    ServerAdmin admin@mydomain.co.tz
    ServerName test.mydomain.co.tz:8080
    DocumentRoot /var/www/html/tan_web/backend/web
    Redirect permanent / https://test.mydomain.co.tz:8443/ <!-- Redirect to the new port -->
</VirtualHost>