First version was lost due to a server glitch.
Hello all,
since it took me quite a while to figure out how to run OTRS with two different ssl certified apache vhosts i thought its a good time to share my working configuration file.
Code: Select all
# --
# added for OTRS (http://otrs.org/)
# $Id: zzz_otrs_two_hosts.conf,v 1.0 2011/05/16 00:00:00 Stephan Hensel stephan@stephan.ws $
# --
# load all otrs modules
Perlrequire /opt/otrs/scripts/apache2-perl-startup.pl
# Apache::Reload - Reload Perl Modules when Changed on Disk
PerlModule Apache2::Reload
PerlInitHandler Apache2::Reload
PerlModule Apache2::RequestRec
NameVirtualHost 10.100.1.100:80
NameVirtualHost 10.100.1.100:443
NameVirtualHost 10.100.1.200:80
NameVirtualHost 10.100.1.200:443
Listen 10.100.1.100:80
Listen 10.100.1.100:443
Listen 10.100.1.200:80
Listen 10.100.1.200:443
#
# customer frontend
#
<VirtualHost 10.100.1.100:80>
ServerName customer.example.com
Alias /otrs-web/ "/opt/otrs/var/httpd/htdocs/"
ScriptAlias /otrs/ "/opt/otrs/bin/cgi-bin/"
ServerAdmin admin@example.com
DocumentRoot /opt/otrs/var/httpd/htdocs/
ServerSignature On
<Location /otrs/>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
PerlSetupEnv On
Options +ExecCGI
</Location>
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /opt/otrs/var/httpd/htdocs/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
RedirectMatch ^/$ http://customer.example.com/otrs/customer.pl
</Directory>
# Allowed values: debug, info, notice, warn, error, crit, alert, emerg
LogLevel warn
ErrorLog /var/log/httpd/otrs-err_customer.example.com.log
CustomLog /var/log/httpd/otrs-acc_customer.example.com.log combined
#
# Only allow customer.pl for customers
#
<Files faq.pl>
Order deny,allow
Deny from all
</Files>
<Files index.pl>
Order deny,allow
Deny from all
</Files>
<Files installer.pl>
Order deny,allow
Deny from all
</Files>
<Files public.pl>
Order deny,allow
Deny from all
</Files>
<Files rpc.pl>
Order deny,allow
Deny from all
</Files>
</VirtualHost>
<VirtualHost 10.100.1.100:443>
ServerName customer.example.com:443
Alias /otrs-web/ "/opt/otrs/var/httpd/htdocs/"
ScriptAlias /otrs/ "/opt/otrs/bin/cgi-bin/"
ServerAdmin admin@example.com
DocumentRoot /opt/otrs/var/httpd/htdocs/
ServerSignature On
<Location /otrs/>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
PerlSetupEnv On
Options +ExecCGI
</Location>
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /opt/otrs/var/httpd/htdocs/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
RedirectMatch ^/$ https://customer.example.com/otrs/customer.pl
</Directory>
# Allowed values: debug, info, notice, warn, error, crit, alert, emerg
LogLevel warn
ErrorLog /var/log/httpd/otrs-err_customer_SSL.example.com.log
CustomLog /var/log/httpd/otrs-acc_customer_SSL.example.com.log combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/ssl/customer.example.com/customer.example.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/customer.example.com/customer.example.com.key
SSLCertificateChainFile /etc/httpd/ssl/customer.example.com/customer.example.com.crt
#
# Only allow customer.pl for customers
#
<Files faq.pl>
Order deny,allow
Deny from all
</Files>
<Files index.pl>
Order deny,allow
Deny from all
</Files>
<Files installer.pl>
Order deny,allow
Deny from all
</Files>
<Files public.pl>
Order deny,allow
Deny from all
</Files>
<Files rpc.pl>
Order deny,allow
Deny from all
</Files>
</VirtualHost>
#
# agent frontend
#
<VirtualHost 10.100.1.200:80>
ServerName agent.example.com
Alias /otrs-web/ "/opt/otrs/var/httpd/htdocs/"
ScriptAlias /otrs/ "/opt/otrs/bin/cgi-bin/"
ServerAdmin admin@example.com
DocumentRoot /opt/otrs/var/httpd/htdocs/
ServerSignature On
<Location /otrs/>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
PerlSetupEnv On
Options +ExecCGI
</Location>
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /opt/otrs/var/httpd/htdocs/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
RedirectMatch ^/$ http://agent.example.com/otrs/index.pl
</Directory>
# Allowed values: debug, info, notice, warn, error, crit, alert, emerg
LogLevel warn
ErrorLog /var/log/httpd/otrs-err_agent.example.com.log
CustomLog /var/log/httpd/otrs-acc_agent.example.com.log combined
#
# Use this, if you only want the agent interface be available from one certain IP
#
#<Files *>
# Order deny,allow
# Deny from all
# Allow from [FIREWALL_IP]
#</Files>
</VirtualHost>
<VirtualHost 10.100.1.200:443>
ServerName agent.example.com:443
Alias /otrs-web/ "/opt/otrs/var/httpd/htdocs/"
ScriptAlias /otrs/ "/opt/otrs/bin/cgi-bin/"
ServerAdmin admin@example.com
DocumentRoot /opt/otrs/var/httpd/htdocs/
ServerSignature On
<Location /otrs/>
SetHandler perl-script
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
PerlSetupEnv On
Options +ExecCGI
</Location>
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /opt/otrs/var/httpd/htdocs/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
RedirectMatch ^/$ https://agent.example.com/otrs/index.pl
</Directory>
# Allowed values: debug, info, notice, warn, error, crit, alert, emerg
LogLevel warn
ErrorLog /var/log/httpd/otrs-err_agent_SSL.example.com.log
CustomLog /var/log/httpd/otrs-acc_agent_SSL.example.com.log combined
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/ssl/agent.example.com/agent.example.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/agent.example.com/agent.example.com.key
SSLCertificateChainFile /etc/httpd/ssl/agent.example.com/agent.example.com.crt
#
# Use this, if you only want the agent interface be available from one certain IP
#
#<Files *>
# Order deny,allow
# Deny from all
# Allow from [FIREWALL_IP]
#</Files>
</VirtualHost>
# EOF
Stephan