1

using Apache HTTPD and Tomcats, I have to run two different applications on different URL's. 2 Tomcats are serving their own applications.

  1. www.abc.com

  2. www.xyz.com

My Worker.properties for this is

worker.list=tomcat1,status, tomcat2

# Define Tomcat1 for Application 1 accessed on www.abc.com
worker.tomcat1.port=8009 
worker.tomcat1.host=localhost
worker.tomcat1.type=ajp13 
worker.tomcat1.lbfactor=1

# Define Tomcat2 for Application 2 accessed on www.xyz.com
worker.tomcat2.port=8022
worker.tomcat2.host=localhost
worker.tomcat2.type=ajp13
worker.tomcat2.lbfactor=1
#

and my Virtual Hosts and related stuff in httpd.conf are

<IfModule mod_jk.c>
    JkWorkersFile /etc/httpd/conf/workers.properties
    JkShmFile /var/log/httpd/mod_jk.shm
    JkLogFile /var/log/httpd/mod_jk.log
    JkLogLevel error
    JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
</IfModule>
<VirtualHost *:80>
    ServerName www.abc.com
    ErrorLog "/var/log/httpd/www.abc.com-error_log"
    CustomLog "/var/log/httpd/www.abc.com-access_log" common

    RewriteEngine On

      RewriteCond %{SERVER_PORT} !^443$
      RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L]

    JkMount /* tomcat1


</VirtualHost>

<VirtualHost *:443>

ServerName www.abc.com:443
ServerAlias abc
ErrorLog "/var/log/httpd/ssl-443-error_log"
CustomLog "/var/log/httpd/ssl-443-access_log" common
LogLevel error
    SSLEngine on
    SSLProtocol all -SSLv2

    SSLCertificateKeyFile /etc/httpd/conf/abc.key
    SSLCertificateFile /etc/httpd/conf/abc.crt
    SSLCertificateChainFile /etc/httpd/conf/abc-g2-g1.crt

    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
        SSLOptions +StdEnvVars
    </Files>
    <Directory "/var/www/cgi-bin">
        SSLOptions +StdEnvVars
    </Directory>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

            RewriteCond %{SERVER_PORT} =443
            RewriteRule ^(.*)$ http://%{SERVER_NAME}:80$1 [R,L]

            JkMount /* tomcat1
</VirtualHost>                                  

############################################################################################
<VirtualHost *:80>
    ServerName www.xyz.com
    ErrorLog "/var/log/httpd/xyz.com-error_log"
    CustomLog "/var/log/httpd/xyz.com-access_log" common

         #  RewriteEngine On
         #  RewriteCond %{SERVER_PORT} !^9443$
         #  RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L]

   JkMount /* tomcat2

</VirtualHost>

off course I have added
NameVirtualHost *:80 to work with multiple virtual hosts

what it does is send all the requests to first host [abc.com] for both URL's www.abc.com www.xyz.com

for www.xyz.com i need it to go to tomcat2 not the tomcat1

kah
  • 21
  • 4
  • Please note that i dont have /something in URL on the basis of which I can separate the requests, i have only different FQDN's – kah Jan 06 '20 at 13:49

1 Answers1

1

I have found the problem, it was different SSL Certs for both URL's. Apache was routing to the default VirtualHost 0:443 [the first one].

Solution I got is NameBasedSSLVHostsWithSNI

You may find this link helpful

kah
  • 21
  • 4
  • Ah, thank you! That helped me a lot. Tl;dr: for multiple apache virtual hosts usign the same IP/port, add `NameVirtualHost *:443` and `SSLStrictSNIVHostCheck off` to the apache config to enable resolving the right virtual host with SNI. – Dario Seidl Apr 02 '22 at 14:38