httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Frode E. Moe" <fr...@CoreTrek.no>
Subject Re: [users@httpd] Virtual Hosts and SSL
Date Tue, 28 Nov 2006 09:14:31 GMT
On Tue, Nov 28, 2006 at 09:09:20 +0000, Steve Swift wrote:
> Where should I go to learn about configuring Virtual Hosts and SSL in the
> same apache?
> 
> I have virtual hosts woking using "NameVirtualHost *:80"
> SSL works for the Virtual Hosts *I* have defined
> 
> But in the (default) ssl.conf file installed with apache I find:
> 
> <VirtualHost _default_:443>
> SSLEngine on
> SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
> SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
> ... (other, less interesting lines)
> </VirtualHost>
> 
> What puzzles me is this:
> The VirtualHost definition above seems to be working as SSL is finding the
> Certificate File (otherwise how would SSL work at all?)
> How is this VirtualHost definition working in conjunction with
> "NameVirtualHost *:80" ?

You need a separate IP for each SSL virtualhost, since SSL certificates
are exchanged before any HTTP headers (especially the Host: header) are
transferred. So my guess is that apache just picks the first SSL
certificate applicable for a given IP. In other words, it makes no sense
to use NameVirtualHost for SSL / port 443. I don't think your *:80 stuff
makes any difference either way as that sould be independent of anything
on :443.



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message