httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Louis Wevers <frut...@netscape.net>
Subject [users@httpd] More certificates for 1 server
Date Tue, 12 Aug 2003 14:27:56 GMT
Hi,

I've got a working Apache 2.47 server with SSL enabled and working. I'm 
trying to get a scenario to work where that issues a valid certificate 
depending on how the client connects to it. E.g. you can access it by 
the servername or IP address. This means that I want to present the 
client with a different certificate when they go to https://172.16.0.60/ 
or to https://devsystem/ or https://devsystem.ihits.tv.

I've tried to accomplish this using virtual hosts. In the ssl.conf I've 
removed the _default_ vhost and changed it to this. However, when 
connecting to the server using ssl it always takes the first one. Does 
anybody know how to resolve this?

Many thanks in advance,
Louis

--- ssl.conf (part) ---

NameVirtualHost 172.16.0.60:443
<VirtualHost 172.16.0.60:443>
  DocumentRoot "/opt/apache2/htdocs"
  ServerName 172.16.0.60
  ServerAdmin you@your.address
  ErrorLog logs/error_log
  TransferLog logs/access_log
  SSLEngine on
  SSLCipherSuite 
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  SSLCertificateFile /opt/apache2/conf/ssl.crt/server_IP_internal.crt
  SSLCertificateKeyFile /opt/apache2/conf/ssl.key/server_IP_internal.key
  <Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
  </Files>
  <Directory "/opt/apache2/cgi-bin">
    SSLOptions +StdEnvVars
  </Directory>
  SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
  CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

<VirtualHost 172.16.0.60:443>
  DocumentRoot "/opt/apache2/htdocs"
  ServerName devsystem.ihits.tv
  ServerAdmin you@your.address
  ErrorLog logs/error_log
  TransferLog logs/access_log
  SSLEngine on
  SSLCipherSuite 
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
  SSLCertificateFile /opt/apache2/conf/ssl.crt/server.crt
  SSLCertificateKeyFile /opt/apache2/conf/ssl.key/server.key
  <Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
  </Files>
  <Directory "/opt/apache2/cgi-bin">
    SSLOptions +StdEnvVars
  </Directory>
  SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0
  CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message