Skip to end of banner
Go to start of banner

Redirecting connections to FQDN and HTTPS URL - apache vhost configurations

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Using VHosts to Ensure the FQDN is used (for SSO)

For HTTPS and for SSO to work right, all access needs to use the FQDN of the server.  So we get Apache to handle that.

Each Server has a vhosts.conf added with the below code.  The first VirtualHost is the default and catches any access to the server using any URL and redirects it to the second VirtualHost which is for the FQDN host. Note the line "RewriteRule" which is the one redirecting.

 

VHosts Config
#
# Use name-based virtual hosting.
#
NameVirtualHost *:80
#
# NOTE: NameVirtualHost cannot be used without a port specifier
# (e.g. :80) if mod_ssl is being used, due to the nature of the
# SSL protocol.
#
<VirtualHost *:80>
    ServerAdmin opmantek@example.com
    DocumentRoot "/var/www/html"
    ServerName servername002
    RewriteEngine on
    RewriteCond %{HTTP_HOST} !=localhost
    RewriteCond %{HTTP_HOST} !=127.0.0.1
    RewriteCond %{REMOTE_ADDR} !=127.0.0.1
    RewriteCond %{REMOTE_ADDR} !=::1
    RewriteRule (.*) http://servername002.example.org$1
</VirtualHost>
<VirtualHost *:80>
    ServerAdmin opmantek@example.com
    DocumentRoot "/var/www/html"
    ServerName servername002.example.org
</VirtualHost>

 

 

Using VHosts to Ensure redirection from HTTP to HTTPS and the correct FQDN - (HTTPS plus SSO)

To ensure ALL users are forced to use HTTPS one redirects the connections from HTTP to HTTPS.  For HTTPS or more specifically the SSL certificate to work correctly you also need guarantee users are accessing via the FQDN which matches the DN string (server name) in the SSL certificate.

 

 

 

  • No labels