Return-Path: 
 <users-return-37562-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 10516 invoked from network); 31 Jan 2004 01:21:10 -0000
Received: from daedalus.apache.org (HELO mail.apache.org) (208.185.179.12)
  by minotaur-2.apache.org with SMTP; 31 Jan 2004 01:21:10 -0000
Received: (qmail 98254 invoked by uid 500); 31 Jan 2004 01:20:31 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 98239 invoked by uid 500); 31 Jan 2004 01:20:31 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
list-post: <mailto:users@httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 98223 invoked from network); 31 Jan 2004 01:20:30 -0000
Received: from unknown (HELO hermes.wildbrain.com) (64.1.15.36)
  by daedalus.apache.org with SMTP; 31 Jan 2004 01:20:30 -0000
Received: from wildbrain.com (daedelus.wildbrain.com [10.20.2.35])
	by hermes.wildbrain.com (8.12.8/8.12.8) with ESMTP id i0V1KO3B008444
	for <users@httpd.apache.org>; Fri, 30 Jan 2004 17:20:25 -0800
Message-ID: <401B02D8.5080304@wildbrain.com>
Date: Fri, 30 Jan 2004 17:20:24 -0800
From: Andy Moran <andy@wildbrain.com>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US;
 rv:1.5) Gecko/20031013 Thunderbird/0.3
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: users@httpd.apache.org
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
X-WB-MailScanner: Found to be clean
X-WB-MailScanner-SpamCheck: not spam (whitelisted), SpamAssassin (score=-4.9,
	required 5, BAYES_00 -4.90)
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
Subject: [users@httpd] SSLCertificate strangeness?
X-Spam-Rating: minotaur-2.apache.org 1.6.2 0/1000/N


We have a server with two SSL enabled virtual hosts.  Both Virtual Hosts 
have their own self-signed certificate file (.pem) matching the name of 
the virtual host.  i.e.:

<VirtualHost foo.org:443>
...
    SSLCertificate /etc/httpd/conf/foo.pem
...
</VirtualHost>
<VirtualHost bar.org:443>
...
    SSLCertificate /etc/httpd/conf/bar.pem
...
</VirttualHost>


When I go to foo.org, all is good.. but for some reason, when one goes
to bar.org, the browser receives the foo.org certificate (and
thus complains).  I tried swapping the Virtual Host definitions around 
by putting bar.org first, and sure enough, bar.org works fine now
but foo.org now gets bar.org's certificate.  The files are different 
sizes and md5sum signatures, of course.

It's very strange, as if the first SSLCertificate directive found in the
httpd.conf file is being used all VirtualHosts.     This is a RedHat 7.2 
machine running apache 1.3.22.     I know this an old version of Apache, 
but I don't have easy access to upgrading it, so I wanted to find out if 
this behavior is something I'm misconfiguring before I barked up the 
'upgrade' tree.  Any thoughts?

--Andy



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org