httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Falco Schwarz <>
Subject RE: ssl_die() and pool cleanup
Date Sat, 23 Nov 2013 13:29:23 GMT
> Date: Sat, 23 Nov 2013 08:18:14 -0500
> Subject: Re: ssl_die() and pool cleanup
> From:
> To:
>> So, if the sanity check is skipped for the _default_ host, or there is a better way
to set the ServerName of the _default_ host, which I don't know yet, then this wouldn't be
> I don't think any behavior should be based on _default_ vs. *.
> Your scenario probably works the same with the first VH as "*" simply
> because it's the first listed NVH.

You are right, there should be no difference between _default_ vs. *.

Yet, this does not change the fact, that you have to explicitly set a ServerName for the first
VH, different to the CN in the certificate. Otherwise all requests would be served by the
first VH, instead of the other ones.

If mod_ssl would decline VH's with a nonmatching ServerName, then a configuration with a <VirtualHost
:80 :443> would be impossible without a wildcard certificate, at least to my knowledge.

View raw message