httpd-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 28740] New: - mod_ssl + vhost uses first cert found and not per-vhost
Date Mon, 03 May 2004 12:42:03 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=28740>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://issues.apache.org/bugzilla/show_bug.cgi?id=28740

mod_ssl + vhost uses first cert found and not per-vhost

           Summary: mod_ssl + vhost uses first cert found and not per-vhost
           Product: Apache httpd-2.0
           Version: 2.0.49
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Critical
          Priority: Other
         Component: mod_ssl
        AssignedTo: bugs@httpd.apache.org
        ReportedBy: nkukard@lbsd.net


mod_ssl doesn't seem to use per-vhost certificates.

I have this...

NameVirtualHost *:443
NameVirtualHost *:80

<VirtualHost *:80>
        ServerName www.aaaaaaaaaa.co.za
        DocumentRoot /var/www/sites/www-aaaaaaaaaaa-co-za
</VirtualHost>
 
 
<IfModule mod_ssl.c>
  
        <VirtualHost *:443>
                ServerName www.aaaaaaaaaaa.co.za
                DocumentRoot /var/www/sites/www-aaaaaaaaaaa-co-za
 
                SSLEngine On
                SSLCertificateFile /etc/httpd/conf/ssl.crt/aaaaaaaaaa.crt
                SSLCertificateKeyFile /etc/httpd/conf/ssl.key/aaaaaaaaaa.key
 
                <Files ~ "\.(cgi|shtml|phtml|php3?)$">
                    SSLOptions +StdEnvVars
                </Files>
                <Directory "/var/www/cgi-bin">
                    SSLOptions +StdEnvVars
                </Directory>
 
                SetEnvIf User-Agent ".*MSIE.*" \
                         nokeepalive ssl-unclean-shutdown \
                         downgrade-1.0 force-response-1.0
        </VirtualHost>
                                                                               
                                                                         
</IfModule>



<VirtualHost *:80>
        ServerName www.bbbbbbbbbb.com
        DocumentRoot /var/www/sites/www-bbbbbbbbbb-com
</VirtualHost>
 
 
<IfModule mod_ssl.c>
  
        <VirtualHost *:443>
                ServerName www.bbbbbbbbbb.com
                DocumentRoot /var/www/sites/www-bbbbbbbbbbb-com
 
                SSLEngine On
                SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
                SSLCertificateFile /etc/httpd/conf/ssl.crt/bbbbbbbbbbb.crt
                SSLCertificateKeyFile /etc/httpd/conf/ssl.key/bbbbbbbbbb.key
 
                <Files ~ "\.(cgi|shtml|phtml|php3?)$">
                    SSLOptions +StdEnvVars
                </Files>
                <Directory "/var/www/cgi-bin">
                    SSLOptions +StdEnvVars
                </Directory>
 
                SetEnvIf User-Agent ".*MSIE.*" \
                         nokeepalive ssl-unclean-shutdown \
                         downgrade-1.0 force-response-1.0
        </VirtualHost>
                                                                               
                                                                         
</IfModule>


when i start httpd, no errors, but i get an error in the browser saying i'm
getting aaaaaaaaa's certificate when i browse to bbbbbbbbb over ssl. I do
however the get right content.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org


Mime
View raw message