The combination of name-based virtual hosting and SSL cannot possibly work. Normally, in such
a configuration the request will be handled by the first of the virtual hosts that match the
IP:port of the request regardless of the ServerName.
I believe that if you execute "apachectl configtest", or alternatively "$HTTPD -t -D DUMP_VHOSTS
-f /path/to/httpd.conf", you will get an overview of all the configured virtual hosts:
bash-2.03$ apachectl configtest
VirtualHost configuration:
192.168.1.10:443 sweetn.sour.com (/u01/apachetest/conf/custom.conf:82)
192.168.1.11:* is a NameVirtualHost
default server labelle16.toto.fr (/u01/apachetest/conf/custom.conf:20)
port * namevhost labelle16.toto.fr (/u01/apachetest/conf/custom.conf:20)
Syntax OK
bash-2.03$
This might give you a clue as to what is happening and why you get the error. However, again,
SSL and name-based virtual hosting does not work because the Host header cannot possibly be
known to the server until the SSL session has been established, and the SSL session needs
a certificate to be established and for that purpose needs to know the value of the host header
in order to know what certificate to use.
It's a catch 22...
-ascs
-----Original Message-----
From: Nick Burch [mailto:nick@torchbox.com]
Sent: Tuesday, December 06, 2005 7:53 PM
To: users@httpd.apache.org
Subject: [users@httpd] Problem when mixing NameVirtualHost + non with SSL - "Oops, no RSA
or DSA server certificate found?!"
Hi
I'm having trouble when trying to combine NameVirtualHosting on one SSL
IP, and per-IP virtual hosting for others.
My ideal setup is:
NameVirtualHost *:80 (lots of virtual hosts)
NameVirtualHost 192.168.1.50:443 (2 virtual hosts, 1 wildcard
certificate used for both virtual hosts)
VirtualHost's on 192.168.1.51:443, 192.168.1.52:443
Under this configuration, when I try to start apache, it fails with
"[error] Oops, no RSA or DSA server certificate found?!". Even under
Debug, it fails to tell me which certificate it hit this on.
If I run it with only one virtual host active on 192.168.1.50:443 (the SSL
NameVirtualHost), everything works fine. I can access all 3 SSL sites.
If I disable the SSL virtual hosts on 192.168.1.51:443 and
192.168.1.52:443, everything works fine. I can access both the SSL sites
on 192.168.1.50, and the name virtual hosting behaves as expected.
As soon as I try with both name and non name SSL virtual hosts, apache
fails to start with:
"[error] Oops, no RSA or DSA server certificate found?!"
Is this a known problem? Can anyone suggest any workarounds (other than
not using name virtual hosting on that one IP)?
Thanks
Nick
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
|