|
On Thu, 25 Oct 2007, Dan Yocum wrote:
> I've configured 3 VirtualHosts directives in the apache (v2.2.4) conf
> file to use the appropriate cert/key pairs depending on what IP the
> request comes in on (I've tried this by hostname, too - still no luck).
> This same configuration file *is* working on a non-HA system
> (fermigrid2.fnal.gov) - I've simply copied the conf files over and
> changed the paths for the SSLCertificateFile and SSLCertificateKeyFile
> variables.
We need to get this written up for the HOWTO (whatever
"this" turns out to be). I expect you're running into the
problem of https being name based rather than IP based, ie
when you come in on VIP1, the machine has to be hostname_1
and when you come in on VIP2, the machine has to be
hostname_2. However I don't know how you do this.
Can you get a single (non-lvs) server to serve up two https
sites? Can you get your lvs setup to balance https with only
one VIP?
Someone else is going to have to take it from here.
> One potential clue (or red herring), if I enable the following iptables
> rules I *can* connect to the web server, but it always gets redirected
> to the primary IP
it's a red herring. see the HOWTO for "transparent proxy"
Joe
--
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
|
