Multiple SSL Certificates Running on Mac OS X 10.6

Posted on Server Fault See other posts from Server Fault
Published on 2009-11-23T03:39:49Z Indexed on 2012/06/27 21:19 UTC
Read the original article Hit count: 249

Filed under:
|
|
|
|

I have been running into walls with this for a while, so I posted at stackoverflow, and I was pointed over here...

I am attempting to setup multiple IP addresses on Snow Leopard so that I can develop with SSL certificates. I am running XAMPP - I don't know if that is the problem, but I guess I would run into the same problems, considering the built in apache is turned off.

So first up I looked into starting up the IPs on start up. I got up an running with a new StartupItem that runs correctly, because I can ping the ip address:

ping 127.0.0.2
ping 127.0.0.1

And both of them work. So now I have IP addresses, which as you may know are not standard on OSx.

I edited the /etc/hosts file to include the new sites too:

127.0.0.1    site1.local
127.0.0.2    site2.local

I had already changed the httpd.conf to use the httpd-vhosts.conf - because I had a few sites running on the one IP address.

I have edited the vhosts file so a site looks like this:

<VirtualHost 127.0.0.1:80>
  DocumentRoot "/Users/jim/Documents/Projects/site1/web"  
  ServerName site1.local
  <Directory "/Users/jim/Documents/Projects/site1">
    Order deny,allow
    Deny from All
    Allow from 127.0.0.1
    AllowOverride All
  </Directory>
</VirtualHost>

<VirtualHost 127.0.0.1:443>
  DocumentRoot "/Users/jim/Documents/Projects/site1/web"
  ServerName site1.local
  SSLEngine On
  SSLCertificateFile "/Applications/XAMPP/etc/ssl-certs/myssl.crt"
  SSLCertificateKeyFile "/Applications/XAMPP/etc/ssl-certs/myssl.key"
  SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
  <Directory "/Users/jim/Documents/Projects/site1">
    Order deny,allow
    Deny from All
    Allow from 127.0.0.1
    AllowOverride All
  </Directory>
</VirtualHost>

In the above code, you can change the 1's to 2's and it is the setup for the second site. They do use the same certificate, which is why they are on different IP addresses.

I also included the NameVirtualHost information at the top of the file:

NameVirtualHost 127.0.0.1:80
NameVirtualHost 127.0.0.2:80
NameVirtualHost 127.0.0.1:443
NameVirtualHost 127.0.0.2:443

I can ping site1.local and site2.local. I can use telnet ( telnet site2.local 80 ) to get into both sites. But in Safari I can only get to the first site1.local - navigating to site2.local gives me either the localhost main page (which is included in the vhosts) or gives me a Access forbidden!.

I am usure what to do, any suggestions would be awesome.

© Server Fault or respective owner

Related posts about apache2

Related posts about ssl