httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brian V. Hughes" <>
Subject [users@httpd] Apache 2 and SSL on server with multiple IPs, SSL won't load...
Date Mon, 23 Jan 2006 16:31:55 GMT

Hey gang. I've got a problem that's been giving me fits for the past several 
days and I just can't figure out what's wrong. Here's the situation:

I've got an Apple Xserve, with a standard install of Apache 2.0.55 with mod_ssl. 
The server has 2 IP addresses assigned to it, lets call them 
and I've also got 2 instances of Apache configured to run, 
since I believe I need to do IP-based virtual hosting to accomplish what I need: 
foo is an HTTP server and bar needs to be an HTTP/HTTPS server.

We have a key file and a Dartmouth-signed certificate built for and I'm using an ssl.conf file that looks like this:


SSLEngine on

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLCertificateFile /usr/local/apache2/conf/ssl.crt/bar.crt
SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/bar.key
SSLCACertificatePath /usr/local/apache2/conf/ssl.crt
SSLVerifyClient optional
SSLVerifyDepth  5

SSLPassPhraseDialog  builtin
SSLSessionCache dbm:/usr/local/apache2/logs/ssl_scache
SSLSessionCacheTimeout 300

AcceptMutex flock
LockFile /usr/local/apache2/logs/httpd.lock
SSLMutex  file:/usr/local/apache2/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

     DocumentRoot "/Library/WebServer/Documents"

     ErrorLog /usr/local/apache2/logs/error_log
     TransferLog /usr/local/apache2/logs/access_log
     CustomLog /usr/local/apache2/logs/ssl_request_log \
               "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

When I try to launch Apache with this config file, I get this in my logs/error_log:

[Fri Jan 20 13:09:36 2006] [warn] RSA server certificate CommonName (CN) 
`' does NOT match server name!?
[Fri Jan 20 13:09:36 2006] [error] Illegal attempt to re-initialise SSL for 
server (theoretically shouldn't happen!)

I think these errors are trying to point me in the right direction, but I just 
don't know enough about mod_ssl to know what direction that is. Given that the 
HTTP responder on port 80 works just fine for, I can't see how 
there could be confusion over the CommonName.

Can someone help me decipher this and figure out why I can't get my SSL instance 
running? Is there something I'm just not setting in my ssl.conf file? Is there 
more info that I need to post? Things are getting a little desperate for us with 
this server, so any help I can get would be most appreciated. Thanks.

Brian V. Hughes
Associate Director for Web Operations (aka. Webmaster)
Computing Technical Services
Dartmouth College

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message