I have 2 SSL websites I'm trying to serve from a Linode with 2 IP addresses (Apache/Fedora). I had no trouble with setting up the vhost.conf to support the 2 websites for http access, one per IP address. But the SSL part is tripping me up.

I have the 1st site working with 1 IP address. But when I add the second <virtualhost> entry in ssl.conf, and then do 'service httpd restart', it fails with:


There's nothing in either the vhost or ssl error log, so I'm not clear what's failing (though I've gotten "caught SIGTERM, shutting down" with some tweaks.

If I remove the 2nd <virtualhost> from ssl.conf, the restart works. I can use either website in http, but of course only the 1st with https.

The 2nd <virtualhost> I remove looks like (where 1.2.3.4 is the 2nd IP address, and mysite.com is my 2nd website):

<VirtualHost 1.2.3.4:443>
     DocumentRoot "/srv/www/mysite.com/public_html/"
     ServerName http://www.mysite.com

     ErrorLog logs/ssl_error_log
     TransferLog logs/ssl_access_log
     LogLevel warn

     SSLEngine On
     SSLProtocol all -SSLv2
     SSLCipherSuite RC4-SHA:AES128-SHA:ALL:!ADH:!EXP:!LOW:!MD5:!SSLV2:!NULL

     SSLCertificateFile /etc/httpd/ssl/www_mysite_com.crt
     SSLCertificateKeyFile /etc/httpd/ssl/www.mysite.com.key
     SSLCertificateChainFile /etc/httpd/ssl/the_bundle.crt
</VirtualHost>

Any help would be most appreciated!

Probably shouldn't have "http://" in the ServerName.

apache2ctl configtest

and/or read the error logs

Okay, just so I don't send somebody else off in a mixed up direction... apachectl configtest (which works for my Apache 2.2 instance) revealed the problem... a problem with my .key file. Oops. That's embarrassing. I didn't really have http:// in the ServerName (not sure why I typed that ).

Anyway, correcting the .key file and re-key-ing solved the problem. Thanks for the apachectl configtest suggestion!

This is why we recommend that you don't redact or change information when you post config files or logs. It's 10 times easier to debug issues when we're seeing the same things you are.

-Doug

Duly noted... I actually thought I'd copied/pasted from the .conf file, so I'm not sure how that happened. In any case, apologies for that -- I do get the problem you're pointing out!

You probably didn't. The forum often adds it to the beginning when it sees http://www.something. (As evidence, I did not type the preceding sentence with a link or http prefix.)