httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <>
Subject Re: [users@httpd] SSL + name-based virtual host
Date Wed, 09 May 2007 17:43:00 GMT
On 5/9/07, Liz Kim <> wrote:

> <IfModule mod_ssl.c>
>     Include conf.d/ssl.conf
> </IfModule>
> /*......*/
> NameVirtualHost OUR_IP_ADDRESS:80
>  <VirtualHost OUR_IP_ADDRESS:443>
>  ServerName
>   DocumentRoot  /var/www/html1
>  </VirtualHost>
>  <VirtualHost OUR_IP_ADDRESS:80>
>   ServerName
>   DocumentRoot /var/www/html2
>  </VirtualHost>
>  <VirtualHost OUR_IP_ADDRESS:80>
>   ServerName
>   DocumentRoot /var/www/html3
>  </VirtualHost>
>  =================================
> where conf.d/ssl.conf file contains all the appropriate codes for enabling
> SSL - loading the module, certificate and key definitions, etc.
> However, when I do this, will point to
> and does not work.
> The certificate is issued to which is also the name of the
> server....
> Any help would be greatly appreciated!!!
> Are there any easy to follow guides on how to ssl enable name-based virtual
> hosts?

In general, you can't have SSL with name-based virtual hosts, because
the ssl negotiation happens before the name is known.

It is hard to tell exactly what you are trying to achieve, but you CAN
have a bunch of non-ssl name-based virtual hosts plus ONE ssl virtual
host on the same server.

What you have doesn't work for two reasons:

1. You removed the non-ssl (port 80) virtual host for You
need to put that back and have the port 443 virtual host as a separate
<VirtualHost> block.

2. Instead of using conf.d/ssl.conf, just put the ssl directives
directly inside the <VirtualHost IP:443>. If you look inside ssl.conf,
you'll probably find it is defining a separate <VirtualHost> block
which is being ignored due to your <VirtualHost IP:443>.


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message