[BlueOnyx:24486] Re: Questions about LE and domain aliases
Michael Stauber
mstauber at blueonyx.it
Wed Nov 11 15:07:04 -05 2020
Hi Dirk,
> Can you show me the <Virtualhost 443></Virtualhost> section from
> /etc/httpd/conf/vhosts/site<nr> for this example?
Please recall that 5209R and 5210R do have the option to use "Nginx SSL
Proxy". If that is enabled, handling of anything port 443 related is
removed from Apache and handed over to Nginx.
In any case, both <Virtualhost 80> and <Virtualhost 443> entries will
have the same hostnames and aliases.
My example: Vsite 5210r1.smd.net with the following Web Server Aliases:
one.smd.net
oneone.smd.net
oneoneone.smd.net
The siteX file for that Vsite starts like this:
<VirtualHost 208.77.151.213:80>
ServerName 5210r1.smd.net
ServerAlias one.smd.net oneone.smd.net oneoneone.smd.net
[...]
</VirtualHost>
If "Nginx SSL Proxy" is NOT enabled, then at the bottom of the siteX
file you also have the VH-container for 443:
<VirtualHost 208.77.151.213:443>
SSLengine on
SSLCompression off
[...]
ServerName 5210r1.smd.net
ServerAlias one.smd.net oneone.smd.net oneoneone.smd.net
[...]
</VirtualHost>
If "Nginx SSL Proxy" is enabled, Nginx will have the siteX file for SSL
instead and that's found in /etc/nginx/vsites/siteX:
# Do NOT edit this file. The GUI will replace this file on edits.
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name 5210r1.smd.net one.smd.net oneone.smd.net
oneoneone.smd.net;
include /etc/nginx/headers.d/*.conf;
[...]
}
Nginx has no aliases in that sense. Instead it all goes into
'server_name', which then serves the same purpose.
> Because yes, the names are in the certificate, I saw that too. But if the
> names are not listed as ServerAlias in the https section of the site's
> Apache configuration, then they don't help.
That's true. The question is: Don't you have the aliases listed in
either Apaches or Nginx's siteX include file(s)?
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list