httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Brian Dessent <br...@dessent.net>
Subject Re: [users@httpd] Multiple SSL
Date Sun, 08 Feb 2004 16:51:29 GMT
Mark McCulligh wrote:
> 
> Hi Group,
> 
> I am tryng to set two SSL on my server through VirtualHost. Do you have to
> comment out the <VirtualHost _default_:443> Right now I get the default SSL
> when I try to use https://www.visualtech.ca
> 
> My one VirtualHost setup looks like this:

If you're trying to have two SSL vhosts on the same IP:port combination,
then stop right there.  Name-based vhosting with SSL is not possible --
each SSL vhost must be on its own port or IP address, or combination of
the two.  The reason for this is that SSL must negotiate keys and
exchange certificates before any HTTP headers or requests have been
sent, but in the case of name-based vhosting Apache does not know which
virtual host its dealing with until the "Host:" header has been sent. 
So this is a fundamental limitation of how the two protocols interact,
and it's not specific to Apache or any other webserver or SSL
implementation.  See also:
<http://www.modssl.org/docs/2.8/ssl_faq.html#vhosts>

Brian

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message