httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From di...@apache.org
Subject svn commit: r620635 - /httpd/httpd/trunk/test/make_sni.sh
Date Mon, 11 Feb 2008 22:11:43 GMT
Author: dirkx
Date: Mon Feb 11 14:11:41 2008
New Revision: 620635

URL: http://svn.apache.org/viewvc?rev=620635&view=rev
Log:
Clarify the text a little and use the vhost terminology.

Modified:
    httpd/httpd/trunk/test/make_sni.sh

Modified: httpd/httpd/trunk/test/make_sni.sh
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/test/make_sni.sh?rev=620635&r1=620634&r2=620635&view=diff
==============================================================================
--- httpd/httpd/trunk/test/make_sni.sh (original)
+++ httpd/httpd/trunk/test/make_sni.sh Mon Feb 11 14:11:41 2008
@@ -28,11 +28,11 @@
 
 args=`getopt fd:D: $*`
 if [ $? != 0 ]; then
-    echo "Syntax: $0 [-f] [-d outdir] [-D domain ] [two or more server names ]"
+    echo "Syntax: $0 [-f] [-d outdir] [-D domain ] [two or more vhost names ]"
     echo "    -f        Force overwriting of outdir (default is $DIR)"
     echo "    -d dir    Directory to create the SNI test server in (default is $DIR)"
     echo "    -D domain Domain name to use for this test (default is $DOMAIN)"
-    echo "    [names]   List of optional server names (default is $NAMES)"
+    echo "    [names]   List of optional vhost names (default is $NAMES)"
     echo 
     echo "Example:"
     echo "    $0 -D SecureBlogsAreUs.com peter fred mary jane ardy"
@@ -59,7 +59,7 @@
 done
 
 if [ $# = 1 ]; then
-    echo "Aborted - just specifing one servername makes no sense for SNI testing. Go wild
!"
+    echo "Aborted - just specifing one vhost makes no sense for SNI testing. Go wild !"
     exit 1
 fi
 
@@ -224,23 +224,26 @@
 
     .../httpd -f ${DIR}/httpd-sni.conf
 
-and keep an eye on ${DIR}/logs/... Note that you will see an entries 
-like
+and keep an eye on ${DIR}/logs/... When everything 
+is fine you will see an entries like:
 
     Feb 11 16:12:26 2008] [debug] Init: 
         SSL server IP/port overlap: ape.*:443 (httpd-sni.conf:24) vs. jane.*:443 (httpd-sni.conf:42)
 
-and a concluding warning
+for each vhost configured and a concluding warning:
+
     [Mon Feb 11 16:12:26 2008] [warn] Init: 
         Name-based SSL virtual hosts only work for clients with TLS server name indication
support (RFC 4366)
 
-If you see an entry like
+HOWEVER - If you see an entry like
 
     [Mon Feb 11 15:41:41 2008] [warn] Init: 
         You should not use name-based virtual hosts in conjunction with SSL!!
 
-then you are either using an OpenSSL which is too old, or you need to ensure that the
-TLS Extensions are compiled into openssl with the 'enable-tlsext' flag.
+then you are either using an OpenSSL which is too old and/or you need to ensure that the
+TLS Extensions are compiled into openssl with the 'enable-tlsext' flag. Once you have
+recompiled or reinstalled OpenSSL with TLS Extensions you will have to recompile mod_ssl
+to allow it to recognize SNI support.
 
 Meanwhile add 'hosts' to your c:\windows\system32\drivers\etc\hosts
 or /etc/hosts file as to point the various URL's to your server:



Mime
View raw message