Current time: 12-26-2024, 10:28 AM Hello There, Guest! (LoginRegister)


Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
GnuTLS hilfe
Author Message
Top44 Offline
Member
***

Posts: 271
Joined: Sep 2007
Reputation: 1
Post: #1
GnuTLS hilfe
Moin jungs,

nachdem ich mir diese ganze SSL geschichte durchgelesen habe, wollte ich mich mal an die tat machen.

Szenario :

2 Domains
2 Offizielle Certs

Problem :

Das cert der Domain1 funktioniert eigendlich so wie es soll, jedoch nutzt domain2 auch das cert von domain1, warum weiß ich nicht, da kommt ihr ins Spiel.

Also config Domain 1:
Code:
<VirtualHost xxx.xxx.xxx.xxx:443>

GnuTLSEnable on
GnuTLSExportCertificates on
GnuTLSCacheTimeout 500

GnuTLSCertificateFile /var/www/virtual/domain1.de/ssl/domain1.de.crt
GnuTLSKeyFile /var/www/virtual/domain1.de/ssl/domain1.de.key
GnuTLSPriorities NORMAL

ServerName domain1.de

DocumentRoot /var/www/virtual/domain1.de/htdocs

##Testing
ErrorLog /var/www/virtual/domain1.de/logs/ssl_log
CustomLog /var/www/virtual/domain1.de/logs/acces_log common

<IfModule suexec_module>
  SuexecUserGroup vu2005 vu2005
</IfModule>

ServerAdmin     webmaster@domain1.de
Alias /errors    /var/www/virtual/domain1.de/errors/

    ErrorDocument 401 /errors/401.html
    ErrorDocument 403 /errors/403.html
    ErrorDocument 404 /errors/404.html
    ErrorDocument 500 /errors/500.html
    ErrorDocument 503 /errors/503.html

<IfModule mod_cband.c>
CBandUser domain1.de
</IfModule>

    # httpd awstats support BEGIN.

    Alias /awstatsicons     "/usr/share/awstats/icon/"
    Alias /stats            "/var/www/virtual/domain1.de/statistics/"

    <Directory "/var/www/virtual/domain1.de/statistics">
        AllowOverride AuthConfig
        DirectoryIndex awstats.domain1.de.html
        Order allow,deny
        Allow from all
    </Directory>

    <Location /stats>
        AuthType Basic
        AuthName "Statistics for domain domain1.de"
        AuthUserFile /var/www/virtual/domain1.de/.htpasswd
        AuthGroupFile /var/www/virtual/domain1.de/.htgroup
        Require group statistics
    </Location>

   # httpd awstats support END.

    # httpd dmn entry cgi support BEGIN.
    ScriptAlias /cgi-bin/ /var/www/virtual/domain1.de/cgi-bin/
    <Directory /var/www/virtual/domain1.de/cgi-bin>
        AllowOverride AuthConfig
        #Options ExecCGI
        Order allow,deny
        Allow from all
    </Directory>
    # httpd dmn entry cgi support END.

    <Directory /var/www/virtual/domain1.dee/htdocs>
        # httpd dmn entry PHP support BEGIN.
        # httpd dmn entry PHP support END.
        Options -Indexes Includes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    # httpd dmn entry PHP2 support BEGIN.
    <IfModule mod_php5.c>
        php_admin_value open_basedir "/var/www/virtual/domain1.de/:/var/www/virtual/domain1.de/phptmp/:/usr/share/php/"
        php_admin_value upload_tmp_dir "/var/www/virtual/domain1.de/phptmp/"
        php_admin_value session.save_path "/var/www/virtual/domain1.de/phptmp/"
        php_admin_value sendmail_path '/usr/sbin/sendmail -f vu2005 -t -i'
    </IfModule>
    <IfModule mod_fastcgi.c>
        ScriptAlias /php5/ /var/www/fcgi/domain1.de/
        <Directory "/var/www/fcgi/domain1.de">
            AllowOverride None
            Options +ExecCGI -MultiViews -Indexes
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>
    <IfModule mod_fcgid.c>
        Include /etc/apache2/mods-available/fcgid_ispcp.conf
        <Directory /var/www/virtual/domain1.de/htdocs>
            FCGIWrapper /var/www/fcgi/domain1.de/php5-fcgi-starter .php
            Options +ExecCGI
        </Directory>
        <Directory "/var/www/fcgi/domain1.de">
            AllowOverride None
            Options +ExecCGI MultiViews -Indexes
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>
    # httpd dmn entry PHP2 support END.

    Include /etc/apache2/ispcp/domain1.de.conf

</VirtualHost>


Domain2 config :
Code:
<VirtualHost xxx.xxx.xxx.xxx:443>

GnuTLSEnable on
GnuTLSExportCertificates on
GnuTLSCacheTimeout 500

GnuTLSCertificateFile /var/www/virtual/domain2.de/ssl/domain2_de.crt
GnuTLSKeyFile /var/www/virtual/domain2.de/ssl/domain2.de.key
GnuTLSPriorities NORMAL

ServerName domain2.de

DocumentRoot /var/www/virtual/domain2.de/htdocs

##Testing
ErrorLog /var/www/virtual/domain2.de/logs/ssl_log
CustomLog /var/www/virtual/domain2.de/logs/acces_log common

<IfModule suexec_module>
  SuexecUserGroup vu2001 vu2001
</IfModule>

ServerAdmin     webmaster@domain2.de
Alias /errors    /var/www/virtual/domain2.de/errors/

    ErrorDocument 401 /errors/401.html
    ErrorDocument 403 /errors/403.html
    ErrorDocument 404 /errors/404.html
    ErrorDocument 500 /errors/500.html
    ErrorDocument 503 /errors/503.html

<IfModule mod_cband.c>
CBandUser domain2.de
</IfModule>

    # httpd awstats support BEGIN.

    Alias /awstatsicons     "/usr/share/awstats/icon/"
    Alias /stats            "/var/www/virtual/domain2.de/statistics/"

    <Directory "/var/www/virtual/domain2.de/statistics">
        AllowOverride AuthConfig
        DirectoryIndex awstats.domain2.de.html
        Order allow,deny
        Allow from all
    </Directory>

    <Location /stats>
        AuthType Basic
        AuthName "Statistics for domain domain2.de"
        AuthUserFile /var/www/virtual/domain2.de/.htpasswd
        AuthGroupFile /var/www/virtual/domain2.de/.htgroup
        Require group statistics
    </Location>

   # httpd awstats support END.

    # httpd dmn entry cgi support BEGIN.
    ScriptAlias /cgi-bin/ /var/www/virtual/domain2.de/cgi-bin/
    <Directory /var/www/virtual/domain2.de/cgi-bin>
        AllowOverride AuthConfig
        #Options ExecCGI
        Order allow,deny
        Allow from all
    </Directory>
    # httpd dmn entry cgi support END.

    <Directory /var/www/virtual/domain2.de/htdocs>
        # httpd dmn entry PHP support BEGIN.
        # httpd dmn entry PHP support END.
        Options -Indexes Includes FollowSymLinks MultiViews
        AllowOverride All
        Order allow,deny
        Allow from all
    </Directory>

    # httpd dmn entry PHP2 support BEGIN.
    <IfModule mod_php5.c>
        php_admin_value open_basedir "/var/www/virtual/domain2.de/:/var/www/virtual/domain2.de/phptmp/:/usr/share/php/"
        php_admin_value upload_tmp_dir "/var/www/virtual/domain2.de/phptmp/"
        php_admin_value session.save_path "/var/www/virtual/domain2.de/phptmp/"
        php_admin_value sendmail_path '/usr/sbin/sendmail -f vu2001 -t -i'
    </IfModule>
    <IfModule mod_fastcgi.c>
        ScriptAlias /php5/ /var/www/fcgi/domain2.de/
        <Directory "/var/www/fcgi/domain2.de">
            AllowOverride None
            Options +ExecCGI -MultiViews -Indexes
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>
    <IfModule mod_fcgid.c>
        Include /etc/apache2/mods-available/fcgid_ispcp.conf
        <Directory /var/www/virtual/domain2.de/htdocs>
            FCGIWrapper /var/www/fcgi/domain2.de/php5-fcgi-starter .php
            Options +ExecCGI
        </Directory>
        <Directory "/var/www/fcgi/domain2.de.de">
            AllowOverride None
            Options +ExecCGI MultiViews -Indexes
            Order allow,deny
            Allow from all
        </Directory>
    </IfModule>
    # httpd dmn entry PHP2 support END.

    Include /etc/apache2/ispcp/domain2.de.conf

  </VirtualHost>

Evtl. findet ihr einen Fehler?

Grüße
(This post was last modified: 07-20-2010 08:02 AM by Top44.)
07-20-2010 07:56 AM
Find all posts by this user Quote this message in a reply
rethus Offline
Junior Member
*

Posts: 202
Joined: May 2009
Reputation: 3
Post: #2
RE: GnuTLS hilfe
Habe gerade genau das gleiche Problem.
Für den Server an sich hab ich ein Wildcard-Zertifikat, und die user sollen jeweils mit einem eingenen Zertifikat, welches durch mein Wildcard-zertifikat vverifiziert wurden Ihren https-Part betreiben können.

Leider wird aber bei jeder weiteren Domain immer nur das wildcard-zertifikat angezeigt.

Hoffe uns kann jemand helfen!
10-22-2010 08:48 PM
Find all posts by this user Quote this message in a reply
Janko Offline
Junior Member
*

Posts: 189
Joined: May 2007
Reputation: 1
Post: #3
RE: GnuTLS hilfe
Hallo,

gibt es für dieses Problem schon eine Lösung?
05-06-2011 11:02 PM
Find all posts by this user Quote this message in a reply
tomhb Offline
Member
***

Posts: 336
Joined: Apr 2010
Reputation: 4
Post: #4
RE: GnuTLS hilfe
(05-06-2011 11:02 PM)Janko Wrote:  gibt es für dieses Problem schon eine Lösung?

Welches Problem meinst Du?


Gruss Tom
05-08-2011 06:40 AM
Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)