Bonjour,
J’ai 5 sites sur un serveur chez ovh qui tourne sous debian. Je rencontre un petit souci avec mes VirtualHosts : sur mes 5 site, l’un d’eux dispose d’un certificat SSL Standard, celui-ci se trouve accessible depuis tous les autres sites quand on passe par “https”. Ce n’est pas normal ça, non ?
PS : J’utilise la commande “a2ensite” l’ajout de nouveaux sites (VirtualHosts).
Voici le VirtualHosts par defaut :
[code]<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName XXXXXXX.kimsufi.com
DocumentRoot /var/www
Alias /XXXXXXXXXXXXXXXX/ “/usr/share/phpmyadmin/”
<Directory "/usr/share/phpmyadmin/">
Options None
AllowOverride None
Order allow,deny
Allow from all
</Directory>
<Directory />
Options FollowSymLinks
Options -Includes
Options -ExecCGI
AllowOverride All
</Directory>
<Directory /var/www>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog /var/log/apache2/access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
[/code]
Voici le VirtualHosts du site qui a aussi le SSL:
[code]<VirtualHost *:80>
ServerAdmin webmaster@site_ssl.com
ServerName site_ssl.com
ServerAlias www.site_ssl.com
ScriptAlias /cgi-bin/ /home/site_ssl/cgi-bin/
DocumentRoot /home/site_ssl/www
AddDefaultCharset UTF-8
<Directory /home/site_ssl/www>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
<Directory "/home/site_ssl/www/modules/abonnement">
RewriteEngine on
RewriteBase /home/site_ssl/www/modules/abonnement
RewriteCond %{SERVER_PORTS} !^443$
RewriteRule (.*) https://%{SERVER_NAME}/abonnement/$1 [L,R]
</Directory>
ErrorLog /var/log/apache2/error_site_ssl.log
LogLevel warn
CustomLog /var/log/apache2/access_site_ssl.log combined
<VirtualHost *:443>
ServerAdmin webmaster@site_ssl.com
ServerName site_ssl.com
ServerAlias www.site_ssl.com
DocumentRoot /home/site_ssl/www
<Directory /home/site_ssl/www>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
SSLEngine on
SSLCertificateFile /etc/apache2/ssl/www.site_ssl.com.cert
SSLCertificateKeyFile /etc/apache2/ssl/www.site_ssl.com.key
SSLCACertificateFile /etc/apache2/ssl/www.site_ssl.com.chain
ErrorLog /var/log/apache2/error_site_ssl.log
LogLevel warn
CustomLog /var/log/apache2/access_site_ssl.log combined
Voici le VirtualHosts d’un site normal, qui est affecté par le SSL ci dessous :
[code]<VirtualHost *:80>
ServerAdmin webmaster@site3.net
ServerName site3.net
ServerAlias www.site3.net
DocumentRoot /home/site3/www
<Directory /home/site3/www>
Options -Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/error_site3.log
LogLevel warn
CustomLog /var/log/apache2/access_site3.log combined
[/code]