Scenario:
I have an Apache Server(SSL enabled) and tomcat running on my machine
and there is one application (app1) hosted on tomcat which is only
accessible from Apache Server. You cannot access it directly from
tomcat.
Now
you want to access app1 using multiple domains i.e.
domain1.waheedtechblog.com annd domain2.waheedtechblog.com should
point to the same application which is hosted on tomcat.(I want to implement different Authentication mechanism based on different domains)
Solution: The above case can be achieved using NameBased VirtualHosts and SSL.
First you need to uncomment following lines form ${apache}/conf/httpd.conf file
- LoadModule ssl_module modules/mod_ssl.so
- LoadModule proxy_module modules/mod_proxy.so
- LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
- LoadModule rewrite_module modules/mod_rewrite.so
- LoadModule proxy_http_module modules/mod_proxy_http.so
- Include conf/extra/httpd-ssl.conf
then
goto ${apache}/conf/extra/httpd-ssl.conf file add Virtualhost tag for
each domain.
Listen
443
NameVirtualHost
*:443
<VirtualHost
*:443>
DocumentRoot
"c:/Apache2/htdocs"
ServerName
domain1.waheedtechblog.com
ServerAdmin
admin@example.com
ErrorLog
"c:/Apache2/logs/error_domain1.log"
TransferLog
"c:/Apache2/logs/access_domain1.log"
SSLEngine
on
SSLCertificateFile
"C:\Apache2\certificate\domain1.crt"
SSLCertificateKeyFile
"C:\Apache2\certificate\domain1.key"
ProxyPass
/ ajp://sp.domain.com:8009/app1/
BrowserMatch
"MSIE [2-5]" \
nokeepalive
ssl-unclean-shutdown \
downgrade-1.0
force-response-1.0
</VirtualHost>
<VirtualHost
*:443>
DocumentRoot
"c:/Apache2/htdocs"
ServerName
domain2.waheedtechblog.com
ServerAdmin
admin@example.com
ErrorLog
"c:/Apache2/logs/error_domain2.log"
TransferLog
"c:/Apache2/logs/access_domain2.log"
SSLEngine
on
SSLCertificateFile
"C:\Apache2\certificate\domain2.crt"
SSLCertificateKeyFile
"C:\Apache2\certificate\domain2.key"
ProxyPass
/ ajp://sp.domain.com:8009/app1/
BrowserMatch
"MSIE [2-5]" \
nokeepalive
ssl-unclean-shutdown \
downgrade-1.0
force-response-1.0
</VirtualHost>
Points
to remember:
- Add all DNS entry in system hosts file Eg: for windows (Add “127.0.0.1 domain1.waheedtechblog.com” to “C:\Windows\System32\drivers\etc\hosts”)
- Make sure you are using different certificates and Key for each domain or else it will always point to default VirtualHost i.e. first one that you have defined. Click here on how to generate key and certificate.
- In proxyPass, always ends with '/' or else you will see redirect issue.
In
case of any issue, You can drop your comment in the comment box.
https://wiki.apache.org/httpd/NameBasedSSLVHosts