From: "Steven Levine" Received: from [192.168.100.201] (HELO mail.2rosenthals.com) by 2rosenthals.com (CommuniGate Pro SMTP 5.4.10) with ESMTP id 11062890 for ecs-isp@2rosenthals.com; Fri, 04 Oct 2024 17:39:29 -0400 Received: from secmgr-va.randr ([192.168.200.201]:50963 helo=mail2.2rosenthals.com) by mail.2rosenthals.com with esmtp (Exim 4.97.1) (envelope-from ) id 1swq1A-000000002TP-147v for ecs-isp@2rosenthals.com; Fri, 04 Oct 2024 17:39:20 -0400 Received: from mta-202a.earthlink-vadesecure.net ([51.81.232.240]:54841) by mail2.2rosenthals.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.97.1) (envelope-from ) id 1swq16-000000007Zs-0aSe for ecs-isp@2rosenthals.com; Fri, 04 Oct 2024 17:39:16 -0400 DKIM-Signature: v=1; a=rsa-sha256; bh=jjaAa+XzYr1G3VDJAwfHpHnIC67kVkBbJLNZrY nwOEY=; c=relaxed/relaxed; d=earthlink.net; h=from:reply-to:subject: date:to:cc:resent-date:resent-from:resent-to:resent-cc:in-reply-to: references:list-id:list-help:list-unsubscribe:list-unsubscribe-post: list-subscribe:list-post:list-owner:list-archive; q=dns/txt; s=dk12062016; t=1728077955; x=1728682755; b=UD56sWdL6oXoJhnh2IjYpfsNQo5 ihaP0STYv/cJPnuLY0p/EkMMBghJbuH2timi+tN9/3hn+SwAYk6VCjcw1xsrFnsgfGwoqid nE6O3Hgo7zAXpEHw+H6UtFDff1L+gMRvlNk5VvB4jf872lpHvhx5m8tcaCtugRqCVb9LUt/ lq5pjqPHioJjmOgPnwFHPSxUOhYOaz5nQGINZwbDjY5hrYYSOQ1nRtwfngiuo9uMYjrgRRZ HkN1Qnz2+F1MD7F4UIgSlw39whHdhNIkgQpyB+4v46Y8lTzdSciHTHuy0gkB1CwEMHPlRwY KSJVvFqPRnJLYPSn/ynzbKmVY+6Pedw== Received: from slamain ([172.58.119.108]) by vsel2nmtao02p.internal.vadesecure.com with ngmta id 347b8c85-17fb5dbe90a10134; Fri, 04 Oct 2024 21:39:15 +0000 Message-ID: <67005208.9.mr2ice.fgrirsq@earthlink.net> Date: Fri, 04 Oct 2024 13:37:28 -0700 To: "eCS ISP Mailing List" In-Reply-To: Subject: Re: [eCS-ISP] SSL certs & apache 2.4.61 X-Mailer: MR/2 Internet Cruiser Edition for OS/2 v3.00.11.24/60 In , on 10/04/24 at 01:58 PM, "Lewis G Rosenthal" said: Hi, >I don't quite think that's getting to the heart of what Max is asking >(though it is the most correct approach). I chose to ignore Massimo question as asked and chose to answer the question that he should have asked. >What the actual question is (AFAICT) is whether there is a way to start >httpd without one or more (mis)configured vhosts. As an example, say I >have a server with 20 vhosts configured, and all but one get proper cert >updates, leaving that one site "broken." httpd will refuse to start, and >the other 19 vhosts are then also taken offline, just because of a >single failure. So, is there a way to force Apache to ignore the broken >vhost? >The answer, of course, is no, there is no magic option to pass to httpd >or put in the vhosts.conf (IF_NOT_BROKEN) to allow for such behavior. >However, it is not necessary to go to great lengths to script anything, >either. FWIW, it's relatively trival to instrument the httpd conf files to start only a selected set of virtual hosts. Depending on the number of hosts, it might be easier to define the hosts not the be started. The basic logic in this case would be to define the hosts not to start in a environment variable. Let's say set HOSTS_NOT_TO_START=,foobar, Each vitual host definition would be wrapped in and directive ServerName foobar ... The commas make it easier to avoid false posiitives. Of course trivial though it might be, the httpd conf edits are sufficiently tedious so that I will continue to use httpd -t. Steven -- ---------------------------------------------------------------------- "Steven Levine" Warp/DIY/BlueLion etc. www.scoug.com www.arcanoae.com www.warpcave.com ----------------------------------------------------------------------