Return-Path: 
 <users-return-16980-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 89787 invoked by uid 500); 15 Nov 2002 17:18:05 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
list-post: <mailto:users@httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 89764 invoked from network); 15 Nov 2002 17:18:04 -0000
Received: from mail15.messagelabs.com (63.210.62.243)
  by daedalus.apache.org with SMTP; 15 Nov 2002 17:18:04 -0000
X-VirusChecked: Checked
X-Env-Sender: DPWick@Mail.Donaldson.com
X-Msg-Ref: server-26.tower-15.messagelabs.com!1037380528!25648
Received: (qmail 902 invoked from network); 15 Nov 2002 17:15:28 -0000
Received: from mail.donaldson.com (162.107.240.193)
  by server-26.tower-15.messagelabs.com with SMTP; 15 Nov 2002 17:15:28 -0000
Received: by mail.donaldson.com with Internet Mail Service (5.5.2653.19)
	id <WKDPPXTD>; Fri, 15 Nov 2002 11:17:44 -0600
Message-ID: <11864A3328DDD5119DE70002A540D64A02CEAE3F@ntblm16.dci.com>
From: "Wick, Daniel" <DPWick@Mail.Donaldson.com>
To: "'users@httpd.apache.org'" <users@httpd.apache.org>
Date: Fri, 15 Nov 2002 11:17:20 -0600
X-Mailer: Internet Mail Service (5.5.2653.19)
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
Subject: RE: [users@httpd] HTTPS?

Justin,

I would not recommend installing a separate Apache for each SSL.  Use a
virtual IP (ipalias) in linux for each cert you aqcuire.  If that NIC runs
out of pipe, install your other one and give it as many virtual IP's as you
need as well.

We currently host four certs on one apache server using virtual IPs, but
theoretically you could have 200+ if your server and pipe were big enough!

Dan

> -----Original Message-----
> From: Justin Williams [mailto:justin@naturalwebs.com]
> Sent: Friday, November 15, 2002 11:08 AM
> To: users@httpd.apache.org
> Subject: Re: [users@httpd] HTTPS?
> 
> 
> Does this mean that every time I host a new company with its 
> own SSL, I am
> going to need to install a new copy of Apache for them?  Seems kind of
> odd...
> 
> ----- Original Message -----
> From: "Remo Mattei" <remo@italy1.com>
> To: <users@httpd.apache.org>
> Sent: Friday, November 15, 2002 12:04 PM
> Subject: RE: [users@httpd] HTTPS?
> 
> 
> > I am talking about a second apache not a nic, apache does 
> not care if
> > that ip is virtual.
> >
> > REMO
> >
> > -----Original Message-----
> > From: Justin Williams [mailto:justin@naturalwebs.com]
> > Sent: Friday, November 15, 2002 10:00 AM
> > To: users@httpd.apache.org
> > Subject: Re: [users@httpd] HTTPS?
> >
> > I *do* have a second NIC that I could configure to be .18.  
> Would that
> > change anything??
> > ----- Original Message -----
> > From: "Remo Mattei" <remo@italy1.com>
> > To: <users@httpd.apache.org>
> > Sent: Friday, November 15, 2002 12:01 PM
> > Subject: RE: [users@httpd] HTTPS?
> >
> >
> > > What's your server listen to?
> > > There other thing you can do which may be even better for 
> you is to
> > run
> > > a second apache just for ssl. This option is one that I 
> have done many
> > > times.
> > >
> > > Remo
> > >
> > > -----Original Message-----
> > > From: Justin Williams [mailto:justin@naturalwebs.com]
> > > Sent: Friday, November 15, 2002 9:56 AM
> > > To: users@httpd.apache.org
> > > Subject: Re: [users@httpd] HTTPS?
> > >
> > > I'm not sure that I understand
> > >
> > > there are a number of name-based virtual domains for .13
> > > .18 is the only IP based.  Do I need to create an ip-based .13 as
> > well?
> > >
> > > Then, in the following:
> > > <VirtualHost 206.28.133.18:443>
> > > DocumentRoot /home/securesite/www
> > > ServerName ***
> > > SSLEngine on
> > > SSLCertificateFile /home/securesite/securesite.pshift.com.crt
> > > SSLCertificateKeyFile /home/securesite/securesite.pshift.com.key
> > > DirectoryIndex index.html
> > > </VirtualHost>
> > >
> > > What include am I putting in?  There is an include to
> > > Include  conf/ssl/mod_ssl.conf
> > > Include  conf/ssl/ssl.default-vhost.conf
> > > in httpd.conf, already.
> > > The second include has the default ssl information.  Do I need to
> > create
> > > *another* Virtual Host in there?
> > >
> > > ----- Original Message -----
> > > From: "Remo Mattei" <remo@italy1.com>
> > > To: <users@httpd.apache.org>
> > > Sent: Friday, November 15, 2002 11:35 AM
> > > Subject: RE: [users@httpd] HTTPS?
> > >
> > >
> > > > Did you try to create a virtual domain for the 13? And 
> then for the
> > > 18?
> > > > You need to copy the ssl portion and use the include in 
> the ssl for
> > > the
> > > > 18.
> > > >
> > > > Remo
> > > >
> > > > -----Original Message-----
> > > > From: Justin Williams [mailto:justin@naturalwebs.com]
> > > > Sent: Friday, November 15, 2002 9:30 AM
> > > > To: users@httpd.apache.org
> > > > Subject: [users@httpd] HTTPS?
> > > >
> > > > This may or may not be the right place to post this; I 
> think it is
> > > but,
> > > > please tell me if not.
> > > >
> > > > I have two IPs on the same NIC.  .13 and .18
> > > > .18 (on eth0:1) is reserved for an IP-based virtual 
> domain, which is
> > > set
> > > > up
> > > > in the conf listening only on :443.
> > > > .13 (on eth0) is everything else.
> > > >
> > > > I have gotten my CRT from Verisign and placed that into the
> > directory
> > > > where
> > > > I want it to be.
> > > > I have the cert and key referenced in the conf file.
> > > >
> > > > If I go to http://IP.18, the most recently configured 
> domain on .13
> > > pops
> > > > up.
> > > > If I go to https://IP.18, I get page could not be displayed.
> > > >
> > > > Bummin' and tryin' to figure out what I am missing.  From what I
> > have
> > > > been
> > > > reading, I have done all the right stuff, but, obviously, I am
> > > > forgetting or
> > > > missing *something*  Can somebody point me in the right 
> distraction?
> > > > Thanks!
> > > >
> > > >
> > > >
> > 
> ---------------------------------------------------------------------
> > > > The official User-To-User support forum of the Apache 
> HTTP Server
> > > > Project.
> > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > >    "   from the digest: 
> users-digest-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > >
> > > >
> > > >
> > > >
> > 
> ---------------------------------------------------------------------
> > > > The official User-To-User support forum of the Apache 
> HTTP Server
> > > Project.
> > > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > > >    "   from the digest: 
> users-digest-unsubscribe@httpd.apache.org
> > > > For additional commands, e-mail: users-help@httpd.apache.org
> > > >
> > >
> > >
> > > 
> ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
> > > Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> > >
> > >
> > > 
> ---------------------------------------------------------------------
> > > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> > >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > > For additional commands, e-mail: users-help@httpd.apache.org
> > >
> >
> >
> > 
> ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> >
> >
> > 
> ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP 
> Server Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org