Apache ignoring documentroot with multiple SSL domains, not working

January 20, 2015

I am pulling my hair out here.

I have Apache running with two different domains running SSL using SNI.

The config is below. If I connect to console.somedomain.com it puts users in /var/www/html/ rather than /var/www/html/somedomain/Admin/adminv4/

However, if I connect to support1.somedomain.com, it works fine and users are in the correct directory.

What on earth could be wrong here? The directory is valid.

<VirtualHost *:443>
DocumentRoot "/var/www/html/somedomain/Admin/adminv4/"
ServerName console.somedomain.com
SSLEngine On
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/ssl/console.somedomain.com/console.somedomain.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/console.somedomain.com/console.somedomain.com.key
<Directory "/var/www/html/somedomain/Admin/adminv4/">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
#
#
#NameVirtualHost support1.somedomain.com:443
<VirtualHost *:443>
DocumentRoot "/var/www/html/somedomain/"
ServerName support1.somedomain.com
SSLEngine on
SSLProtocol all -SSLv2
SSLCertificateFile /etc/httpd/ssl/support1_somedomain_com/support1.somedomain.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/support1_somedomain_com/support1.somedomain.com.key
SSLCertificateChainFile /etc/httpd/ssl/support1_somedomain_com/latest.ca-bundle
<Directory "/var/www/html/somedomain/">
allow from all
Options +Indexes
</Directory>
</VirtualHost>
1 Answer

Fixed it.

Turns out after this command:

apachectl -t -D DUMP_VHOSTS

*:443                  is a NameVirtualHost
         default server console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:441)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:441)
         port 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:455)
         port 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:455)

Showed that console was referred to in ssl.conf.

After looking, SSL.conf only had the default ssl.

I then remembered that my actual system hostname was console.somedomain.com

So, I removed the default (I don't want anything else on SSL anyway, just vhosts I define).

Restarted Apache and now it works:

apachectl -t -D DUMP_VHOSTS

*:443                  is a NameVirtualHost
         default server support1.somedomain.com (/etc/httpd/conf/httpd.conf:444)
         port 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:444)
         port 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:444)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:458)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:458)
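The check the answer did by eye can be scripted. The following is an added example, not part of the original answer: it parses `apachectl -t -D DUMP_VHOSTS` output in the layout quoted above and reports any ServerName defined at more than one config location for the same address. Apache serves the first match in configuration order, so the later definition (and its DocumentRoot and certificate) is never used. The function names are hypothetical and the sample is the answer's pre-fix output with some repeated lines trimmed.

```python
import re

# Sample: the pre-fix dump quoted in the answer (one repeated line kept on purpose).
SAMPLE = """\
*:443                  is a NameVirtualHost
         default server console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf.d/ssl.conf:56)
         port 443 namevhost console.somedomain.com (/etc/httpd/conf/httpd.conf:441)
         port 443 namevhost support1.somedomain.com (/etc/httpd/conf/httpd.conf:455)
"""

ADDR = re.compile(r"^(\S+:\d+)\s+is a NameVirtualHost")
ENTRY = re.compile(r"^\s+(default server|port \d+ namevhost)\s+(\S+)\s+\((.+):(\d+)\)")

def parse_vhosts(text):
    """Return {address: {"default": (name, loc), "names": {name: [loc, ...]}}}."""
    result, current = {}, None
    for line in text.splitlines():
        m = ADDR.match(line)
        if m:
            current = result.setdefault(m.group(1), {"default": None, "names": {}})
            continue
        m = ENTRY.match(line)
        if not m or current is None:
            continue
        kind, name, loc = m.group(1), m.group(2), f"{m.group(3)}:{m.group(4)}"
        if kind == "default server":
            current["default"] = (name, loc)
        else:
            locs = current["names"].setdefault(name, [])
            if loc not in locs:  # the dump may print the same entry twice
                locs.append(loc)
    return result

def shadowed(text):
    """List (address, name, winner, ignored) for names defined at several locations."""
    findings = []
    for addr, info in parse_vhosts(text).items():
        for name, locs in info["names"].items():
            if len(locs) > 1:
                findings.append((addr, name, locs[0], locs[1:]))
    return findings

if __name__ == "__main__":
    for addr, name, winner, ignored in shadowed(SAMPLE):
        print(f"{addr} {name}: served from {winner}; never matched: {', '.join(ignored)}")
```

An empty result from `shadowed()` after a config change means each ServerName maps to exactly one vhost block, so the certificate and DocumentRoot actually served are the ones written next to that name.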
