I once had this working on one of my "play" machines. Unfortunately this
configuration is long since wiped. However as this thread below is in
danger of running out of steam I have found my achieved notes from
backup DVD. They may help, although out of context they may not make
much sense.
My set up was to support both SSL (port 443) and standard HTML (port 80)
on the same server, but the principle is the same for multiple sites on
one server. Skip the certificate stuff if not needed.
You can do this is two ways: Multiple IP addresses on one server &
multiple Domain names (identified in the request header information)
using the same server IP address. These notes are for a single IP
address.
This may not be the best way of doing it. My notes may have got confused
in places (it did not work for me first time round, and I tried to keep
my notes in line with the eventual configuration, but I may not have
succeeded - I never rebuilt on a clean server to test these notes).
Because I no longer have the server build, I can't support these notes
if they do not work. Sorry. Nevertheless they might help.
--- o 0 o ---
Before configuring Apache, stop the server:
• sudo /etc/init.d/apache2 stop
To configure the Apache 2 server name (only needed if not registered in
DNS):
• sudo vi /ect/apache2/apache2.conf
append to end of file:
# ServerName
ServerName <servername.com>
Generate a self-signed SSL certificate
(NB. Self-signed SSL certificates are really only for testing, replace
it with one signed by a certification authority for the live server.)
• sudo apache2-ssl-certificate -days 365
Answer the questions:
Country Name (2 letter code) [GB]:GB
State or Province Name (full name) [Some-State]:UK
Locality Name (eg, city) []:xxx
Organization Name (eg, company; recommended) []:xxxx
Organizational Unit Name (eg, section) []:.
server name (eg. ssl.domain.tld; required!!!) []:xxxx.gotdns.com
Email Address []:xxx@...
(NB. To overwrite, "sudo apache2-ssl-certificate --force -days
365")
Enable the SSL port:
• sudo vi /etc/apache2/ports.conf
Edit to add "Listen 443" on the next line
Load the SSL module:
• sudo a2enmod ssl
(NB. If needed, the command to disable SSL is "sudo a2dismod
ssl")
WWW Directory structure
To make the directory structure
• cd /var/www
• sudo mkdir site-name-80
• sudo mkdir site-name-ssl
(Only needed if using SSL pages)
Add holding HTML pages to /var/www/site-name-80 & /var/www/site-name-ssl
Repeat the above steps for each web site needed.
Virtual Hosts (port 80)
Edit the default Web site configuration:
• sudo vi /etc/apache2/sites-available/default
Make the following edits to the file:
1. Edit the two lines to add "80" as follows (needed when SSL
sites are added):
NameVirtualHost *:80
<VirtualHost *:80>
...
</VirtualHost>
2. Edit the server administration email address:
ServerAdmin <valid email for the webmaster>
3. Also edit the correct path to the directory for the default site
Copy the default Web site configuration and customise it for each web
site needed:
• sudo cp /etc/apache2/sites-available/default
/etc/apache2/sites-available/sitename-80
• sudo vi /etc/apache2/sites-available/sitename-80
Edit as follows:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName sitename.co.uk
ServerAlias www.sitename.co.uk (http://www.sitename.co.uk/)
DocumentRoot /var/www/sitename-80
CustomLog /var/log/apache2/sitename-80-access.log combined
ErrorLog /var/log/apache2/sitename.com-error.log
</VirtualHost>
Mod rewrite
If needed we can force users to access sites with sensitive or private
content via SSL / https using "mod_rewrite".
First enable the module:
• sudo a2enmod rewrite
Then add the following to /etc/apache2/sites-available/sitename-80
RewriteEngine on
RewriteCond %{SERVER_PORT} ^80$
RewriteRule ^/directory(.*)$ https://%{site-name}/directory$1 [L,R]
RewriteLog "/var/log/apache2/rewrite.log"
RewriteLogLevel 2
Create directory for pidfile; it may be missing
• sudo mkdir -p /var/run/apache2
• sudo chown -R www-data /var/run/apache2
N.B. If this section is being used out of context with the other steps
in this post, don't forget to restart apache
• sudo /etc/init.d/apache2 force-reload
Virtual Hosts SSL (port 443)
Copy a new configuration file for a SSL virtual server from the standard
(port 80) configuration file:
• sudo cp /etc/apache2/sites-available/sitename-80
/etc/apache2/sites-available/sitename-443
Edit the new configuration file for a SSL virtual server:
• sudo vi /etc/apache2/sites-available/sitename-443
Edit as follows:
NameVirtualHost *:443
<VirtualHost *:443>
(... edit the directories too...)
Also, in the same file:
Find the commented area which says "# Possible values include: debug,
info, notice, warn, error, crit..." and after this add:
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/apache.pem
Enable the new sites
Enable each new site (both 80 & 443) with the command:
• a2ensite <sitename>
Create a symbolic link to the new configuration file in the Site
Available folder:
• sudo ln -s /etc/apache2/sites-available/ssl
/etc/apache2/sites-enabled/ssl
Restart the server
Restart the web server:
• sudo /etc/init.d/apache2 restart