httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Cliff Woolley <cliffwool...@yahoo.com>
Subject Re: New member thoughts.
Date Wed, 11 Jul 2001 14:33:40 GMT
On Wed, 11 Jul 2001, Chris Johnson wrote:

>      Do we post type-o or grammatical fixes here and is there a format
> for such?

You can post them here, yes.  If you have the ability to generate a
unified diff against the CVS tree, that would be ideal.  If not, and it's
a short change (one misspelled word or something), it's just as easy if we
know what file, what line number, and what the word used to be and what it
should be.

>      Also, I just spent a week trying to figure something out which I
> and others to whom I've talked about this are pretty certain isn't
> very obvious from the documentation.  I think the current version of
> Apache is 1.3.20.  I'm using 1.3.12. It was the first one for which we
> found a working RPM for RH 6.2.
>
>      The trick, it would seem, to getting the SSL VH section to work
> was that it needed it's own NameVirtualHost directive of the form
>
>      NameVirtualHost ip:443

Apache 1.3 does not ship with SSL support, which is why you won't find
documentation about it.  If you're using mod_ssl by Ralf Engelschall,
there is an exceedingly good documentation set about it at
http://www.modssl.org/.  I'm not too familiar with Apache-SSL by Ben
Laurie, but you can find a (seemingly more terse) set of documentation for
that at http://www.apache-ssl.org/.

The problem you're having is that HTTP name-based virtual hosting and SSL
are mutually exclusive.  That's because the HTTP Host: header doesn't get
sent until after the SSL session is already established, and therefore
Apache does not and cannot know which one of the virtual hosts you're
trying to connect to and therefore cannot pick the right <VirtualHost>
section from your config and the certificate that goes with it.

This is a frequently asked question on the mod_ssl users mailing list and
is probably one on the Apache-SSL lists as well.  There is an FAQ at
www.modssl.org which includes a description of this "chicken and the egg"
problem.  I'd give you the URL but I can't get to modssl.org at the
moment.

--Cliff


--------------------------------------------------------------
   Cliff Woolley
   cliffwoolley@yahoo.com
   Charlottesville, VA



---------------------------------------------------------------------
To unsubscribe, e-mail: apache-docs-unsubscribe@apache.org
For additional commands, e-mail: apache-docs-help@apache.org


Mime
View raw message