Apache SSL config for a folder

espfutbol98

espfutbol98

New Member
Messages
200
Reaction score
2
Points
0
I have quite an array of Named Virtual Hosts with different SSL certificates but I have a folder (.../0583/PKI) with the name secure.domain.com/PKI but the problem is the folder (/0583) has been set up to use a different certificate on the domain secure.domain.com. The base one is verified by StartSSL and the one in the PKI folder is from my own CA used for client SSL authentication. Here's the whole virtual host file just in case I have some other errors:
Code: 
NameVirtualHost *:80
<VirtualHost *:80>
  ServerName domain.com
  DocumentRoot "F:/htdocs"
</VirtualHost>
<VirtualHost *:80>
  ServerName development.domain.com
  DocumentRoot "C:/xampp/htdocs"
</VirtualHost>
<VirtualHost *:80>
  ServerName lmds.domain.com
  DocumentRoot "F:/htdocs/lmds"
</VirtualHost>
<VirtualHost *:80>
  ServerName secure.domain.com/PKI
  DocumentRoot "F:/htdocs/0853/PKI"
</VirtualHost>
<VirtualHost *:80>
  ServerName secure.domain.com
  DocumentRoot "F:/htdocs/secure"
</VirtualHost>
<VirtualHost *:80>
  ServerName login.domain.com
  DocumentRoot "F:/htdocs/0853"
</VirtualHost>
<VirtualHost *:80>
  ServerName user.domain.com
  DocumentRoot "F:/htdocs/proxy"
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
    DocumentRoot "F:/htdocs"
    ServerName domain.com:443
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile "conf/ssl.crt/domain.com.crt"
    SSLCertificateKeyFile "conf/ssl.key/server.key"
    <FilesMatch "\.(cgi|shtml|pl|asp|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    SSLCACertificateFile "conf/ssl.crt/sf_bundle.crt"
</VirtualHost>
<VirtualHost *:443>
    DocumentRoot "F:/htdocs/lmds"
    ServerName lmds.domain.com:443
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile "conf/lmds/lmds.crt"
    SSLCertificateKeyFile "conf/lmds/lmds.key"
    SSLCertificateChainFile "conf/startssl/sub.class1.server.ca.pem"
    SSLCACertificateFile "conf/startssl/ca.pem"
    
    <FilesMatch "\.(cgi|shtml|pl|asp|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>
<VirtualHost *:443>
    DocumentRoot "C:/xampp/htdocs"
    ServerName development.domain.com:443
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile "conf/ca/server.crt"
    SSLCertificateKeyFile "conf/ca/server.key"
    <FilesMatch "\.(cgi|shtml|pl|asp|php)$">
        SSLOptions +StdEnvVars
    </FilesMatch>
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    SSLCACertificateFile "conf/ca/ca.crt"
</VirtualHost>
<VirtualHost *:443>
    DocumentRoot "F:/htdocs/secure"
    ServerName 001.domain.com:443
    SSLEngine on
    SSLVerifyClient require
    SSLVerifyDepth 10
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile "conf/ca/server.crt"
    SSLCertificateKeyFile "conf/ca/server.key"
    SSLCACertificateFile "conf/ca/ca.crt"
    <FilesMatch "\.(cgi|shtml|pl|asp|php)$">
        SSLOptions +StdEnvVars
        SSLOptions +ExportCertData
    </FilesMatch>
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
<IfDefine SSL>
    SSLRequireSSL
    SSLRequire %{SSL_CLIENT_S_DN_O}  eq "US Government" and %{SSL_CLIENT_S_DN_OU} in {"DoD"}
</IfDefine>
</VirtualHost>
<VirtualHost *:443>
    DocumentRoot "F:/htdocs/0853/PKI"
    ServerName secure.domain.com/PKI:443
    SSLEngine on
    SSLVerifyClient require
    SSLVerifyDepth 10
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile "conf/ca/server.crt"
    SSLCertificateKeyFile "conf/ca/server.key"
    SSLCACertificateFile "conf/ca/ca.crt"
    <FilesMatch "\.(cgi|shtml|pl|asp|php)$">
        SSLOptions +StdEnvVars
        SSLOptions +ExportCertData
    </FilesMatch>
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
  <IfDefine SSL>
    SSLRequireSSL
    SSLRequire %{SSL_CLIENT_S_DN_O}  eq "US Government" and %{SSL_CLIENT_S_DN_OU} in {"DoD"}
  </IfDefine>
</VirtualHost>
<VirtualHost *:443>
    DocumentRoot "F:/htdocs/0853"
    ServerName secure.domain.com:443
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile "conf/startssl/startssl.crt"
    SSLCertificateKeyFile "conf/startssl/startssl.key"
    SSLCertificateChainFile "conf/startssl/sub.class1.server.ca.pem"
    SSLCACertificateFile "conf/startssl/ca.pem"
    <FilesMatch "\.(cgi|shtml|pl|asp|php)$">
        SSLOptions +StdEnvVars
        SSLOptions +ExportCertData
    </FilesMatch>
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>
<VirtualHost *:443>
    DocumentRoot "F:/htdocs/proxy"
    ServerName user.domain.com:443
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile "conf/startssl/user.crt"
    SSLCertificateKeyFile "conf/startssl/user.key"
    SSLCertificateChainFile "conf/startssl/sub.class1.server.ca.pem"
    SSLCACertificateFile "conf/startssl/ca.pem"
    <FilesMatch "\.(cgi|shtml|pl|asp|php)$">
        SSLOptions +StdEnvVars
        SSLOptions +ExportCertData
    </FilesMatch>
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
</VirtualHost>
 
You must log in or register to reply here.
Top