Apache2: How to split out the SSL configuration?
Posted
by
Klaas van Schelven
on Server Fault
See other posts from Server Fault
or by Klaas van Schelven
Published on 2011-06-26T12:13:48Z
Indexed on
2011/06/26
16:23 UTC
Read the original article
Hit count: 403
In Apache2, I'd like to separately define my SSL-related stuff once, and in a separate file from the rest of the configuration. This is mostly a matter of taste, but it also allows me to include the rest of the configuration in my automatic deployment process.
I.e.: current situation:
# in file: 0000-ourdomain.com.conf (number needs to be low)
<VirtualHost xx.xx.xx.xx:443>
# SSL part
SSLEngine on
SSLCertificateFile ....crt
SSLCACertificateFile ...pem
SSLCertificateChainFile ...intermediate.pem
SSLCertificateKeyFile ....wildcard.ourdomain.com.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
ServerName www.ourdomain.com
ServerAlias ourdomain.com
# the actual configuration, as found for xx.xx.xx.xx:80, repeated
</VirtualHost>
I'd like
# in file: 0000-ssl-stuff
<VirtualHost xx.xx.xx.xx:443>
# SSL part
SSLEngine on
SSLCertificateFile ....crt
SSLCACertificateFile ...pem
SSLCertificateChainFile ...intermediate.pem
SSLCertificateKeyFile ....wildcard.ourdomain.com.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
ServerName www.ourdomain.com
ServerAlias ourdomain.com
</VirtualHost>
# in file: ourdomain.com.conf
<VirtualHost xx.xx.xx.xx:443>
# the actual configuration, as found for xx.xx.xx.xx:80, repeated
</VirtualHost>
Unfortunately, this does not seem to work. Apache SSL fails, though it does not give an error message at reload or syntax-check.
My best found workaround is to us an Include
directive from the 0000-ssl file.
Many thanks!
© Server Fault or respective owner