Multiple SSL websites with multiple IP addresses

I have 2 SSL websites I'm trying to serve from a Linode with 2 IP addresses (Apache/Fedora). I had no trouble with setting up the vhost.conf to support the 2 websites for http access, one per IP address. But the SSL part is tripping me up.

I have the 1st site working with 1 IP address. But when I add the second entry in ssl.conf, and then do 'service httpd restart', it fails with:
> Restarting httpd (via systemctl): Job failed. See system logs and 'systemctl status' for details.
>
> [FAILED]

There's nothing in either the vhost or ssl error log, so I'm not clear what's failing (though I've gotten "caught SIGTERM, shutting down" with some tweaks).

If I remove the 2nd from ssl.conf, the restart works. I can use either website in http, but of course only the 1st with https.

The 2nd I remove looks like (where 1.2.3.4 is the 2nd IP address, and mysite.com is my 2nd website):

 <VirtualHost 1.2.3.4:443>
     DocumentRoot "/srv/www/mysite.com/public_html/"
     ServerName http://www.mysite.com

     ErrorLog logs/ssl_error_log
     TransferLog logs/ssl_access_log
     LogLevel warn

     SSLEngine On
     SSLProtocol all -SSLv2
     SSLCipherSuite RC4-SHA:AES128-SHA:ALL:!ADH:!EXP:!LOW:!MD5:!SSLV2:!NULL

     SSLCertificateFile /etc/httpd/ssl/www_mysite_com.crt
     SSLCertificateKeyFile /etc/httpd/ssl/www.mysite.com.key
     SSLCertificateChainFile /etc/httpd/ssl/the_bundle.crt
 </VirtualHost>

Any help would be most appreciated!

6 Replies

Probably shouldn't have "http://" in the ServerName.

apache2ctl configtest

and/or read the error logs

Okay, just so I don't send somebody else off in a mixed up direction… apachectl configtest (which works for my Apache 2.2 instance) revealed the problem… a problem with my .key file. Oops. That's embarrassing. I didn't really have http:// in the ServerName (not sure why I typed that :-?).

Anyway, correcting the .key file and re-key-ing solved the problem. Thanks for the apachectl configtest suggestion!

@whatisron:

> I didn't really have http:// in the ServerName (not sure why I typed that :-?).

This is why we recommend that you don't redact or change information when you post config files or logs. It's 10 times easier to debug issues when we're seeing the same things you are.

-Doug

Duly noted… I actually thought I'd copied/pasted from the .conf file, so I'm not sure how that happened. In any case, apologies for that -- I do get the problem you're pointing out!

@whatisron:

> I didn't really have http:// in the ServerName (not sure why I typed that :-?).

You probably didn't. The forum often adds it to the beginning when it sees http://www.something. (As evidence, I did not type the preceding sentence with a link or http prefix.)
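
The problem in this thread turned out to be a bad .key file that `apachectl configtest` exposed. As an added example (not posted by anyone in the thread), the script below pulls each VirtualHost's SSLCertificateFile/SSLCertificateKeyFile pair out of a config file and uses openssl to confirm that the key loads and belongs to the certificate. The script name `check_ssl_pairs.sh` is hypothetical, and the example assumes absolute file paths and keys without a passphrase.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): check every cert/key pair in ssl.conf.

# Print "vhost<TAB>cert<TAB>key" for each VirtualHost block that sets both files.
vhost_ssl_pairs() {
  awk '
    { line = $0; sub(/^[ \t]+/, "", line); gsub(/"/, "", line); low = tolower(line) }
    low ~ /^<virtualhost[ \t]/ {
      vhost = line; sub(/^[^ \t]+[ \t]+/, "", vhost); sub(/>.*/, "", vhost)
      cert = ""; key = ""; next
    }
    low ~ /^sslcertificatefile[ \t]/    { split(line, f, /[ \t]+/); cert = f[2] }
    low ~ /^sslcertificatekeyfile[ \t]/ { split(line, f, /[ \t]+/); key = f[2] }
    low ~ /^<\/virtualhost>/ && cert != "" && key != "" {
      printf "%s\t%s\t%s\n", vhost, cert, key
    }
  ' "$1"
}

# Return 0 only when the private key's public half equals the certificate's
# public key. Unreadable or malformed files return 2. Assumes the key has no
# passphrase (otherwise openssl prompts for it).
pair_matches() {
  local cert_pub key_pub
  cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 2
  key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 2
  [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Report one status line per SSL vhost; return 1 if any pair is bad.
check_ssl_conf() {
  local rc=0 vhost cert key
  while IFS="$(printf '\t')" read -r vhost cert key; do
    [ -n "$vhost" ] || continue
    if pair_matches "$cert" "$key"; then
      echo "OK   $vhost  $key"
    else
      echo "BAD  $vhost  $key does not load or does not match $cert"
      rc=1
    fi
  done <<EOF
$(vhost_ssl_pairs "$1")
EOF
  return $rc
}

# Usage (hypothetical script name): ./check_ssl_pairs.sh /path/to/ssl.conf && apachectl configtest
if [ "$#" -gt 0 ]; then check_ssl_conf "$1"; fi
```

A BAD line names the vhost whose key needs attention, which is quicker to act on than a bare `[FAILED]` from the service restart.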
