httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jacek Chmielewski" <jacek.chmielew...@gmail.com>
Subject [users@httpd] Name based virtual hosts and wildcard certificate
Date Wed, 29 Mar 2006 23:18:16 GMT
Hi

I have a problem with running HTTPS for name based virtual hosts. I
know that 'SSL wont work for name-based virtual hosts'
[http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47]. But it is known
that for name based virtual hosts Apache will read the certificate set
for the fist vhost and this is ok for me, since I have just one
wildcard certificate [*.mydomain.com] and I use it for all vhosts.

It seems to work properly with 5-7 virtual hosts. But when i try to
add another vhost with the same certificate Apache throws an error:

[error] Oops, no RSA or DSA server certificate found for
'vhost8.mydomain.com:0'?!

I have no idea why there is a problem. All vhosts differ only with
ServerName and DocumentRoot. The rest of the configuration is the same
and all vhosts have the same certificate. So why Apache tells me that
it cannot find the certificate file when it already read it for the
previous seven vhosts? Any ideas where to look for solution?

OS: FreeBSD 6
Apache: 2.2.0_7 (but I got the same error with Apache 2.0)

Sample vhost config:

<VirtualHost *:443>
   ServerName vhost8.mydomain.com
   DocumentRoot /home/www/vhost8
   DirectoryIndex index.php index.html

   SSLEngine on
   SSLCertificateFile          /usr/local/etc/apache22/crt/server.crt
   SSLCertificateKeyFile       /usr/local/etc/apache22/crt/server.key
   SSLCACertificateFile        /usr/local/etc/apache22/crt/ca.crt
</VirtualHost>

--
Best regards

 ..:: Jacek Chmielewski :: IT outsourcing group :: www.itog.pl ::..

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message