Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Message-ID: <3DA603A7.2E38C60B@mdh.si.edu>
Date: Thu, 10 Oct 2002 18:48:07 -0400
From: Matt Harris <mdh@mdh.si.edu>
Reply-To: mdh@unix.si.edu
Organization: Smithsonian Institution
MIME-Version: 1.0
To: users@httpd.apache.org
References: <11864A3328DDD5119DE70002A540D64A02B4BF51@ntblm16.dci.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: Re: [users@httpd] SSL server problem

Weird.  I thought I remembered doing it OK on apache 1.3.x a long time
ago.  This is my first delve into Apache 2.  What's required to fix
SSL?  Is it a problem with mod_ssl or OpenSSL itself?  I'd be interested
in taking a look deeper into this to see if there's a way/hack around
it, or maybe just fixing the code myself.  

"Nelson, Robert D." wrote:
> 
> Matt:
> 
> You can't run two different SSL hosts on a single IP.  Each host must have
> its own IP address.  This is not an Apache issue, it's an SSL issue.
> 
>  ~ Robert
> 
> > -----Original Message-----
> > From: Matt Harris [mailto:mdh@mdh.si.edu]
> > Sent: Thursday, October 10, 2002 5:17 PM
> > To: users@httpd.apache.org
> > Subject: [users@httpd] SSL server problem
> >
> >
> > I have multiple NameVirtualHost entries on my server.  I've
> > noticed that
> > this makes apache 2.x send only the certificate listed in the first
> > vhost entry for all of them.  For example I have vhosts entries for
> > secure.unix.mydomain, and qip.mydomain.  Both have unique csr/key/crt
> > files, and both are explicitly stated as such in their VirtualHost
> > directives.  They are NamevirtualHosts on my server's single IP
> > address.  But for some reason, when going to
> > https://qip.mydomain, I get
> > an error that the certificate being presented is for
> > secure.unix.mydomain.  Why is this?  Is there a way to fix this?
> > Thanks, Matt.
> >
> > --
> > /*
> >  *
> >  * Matt Harris - Senior UNIX Systems Engineer
> >  * Smithsonian Institution, OCIO
> >  *
> >  */
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP
> > Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org

-- 
/*
 *
 * Matt Harris - Senior UNIX Systems Engineer
 * Smithsonian Institution, OCIO
 *
 */

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org