Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 16656 invoked from network); 13 Nov 2009 02:16:30 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 13 Nov 2009 02:16:30 -0000 Received: (qmail 46645 invoked by uid 500); 13 Nov 2009 02:16:27 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 46600 invoked by uid 500); 13 Nov 2009 02:16:26 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 46591 invoked by uid 99); 13 Nov 2009 02:16:26 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Nov 2009 02:16:26 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of rtparies@gmail.com designates 209.85.220.211 as permitted sender) Received: from [209.85.220.211] (HELO mail-fx0-f211.google.com) (209.85.220.211) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 13 Nov 2009 02:16:18 +0000 Received: by fxm3 with SMTP id 3so1205160fxm.24 for ; Thu, 12 Nov 2009 18:15:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:date:message-id:subject :from:to:content-type; bh=OELdMXREoN7Q95GE3GGX14sRxTE1UhrahC7OtfO643I=; b=P2VnVQHuAZk7b2PZ7UCGZSJOY7ONHh6cJVv0CXuIdvV17Mcby/nLYwhku09qyvOCNr b34emHmgoLpJv3uE4jwqEzQYnXNFRm7kUd8XfpHlAIsd75FQICdTJYJHo822kA+7FWU0 R/WKAmDXLlzw2n6TL0at2rj2jFRfRBxoth4PM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=DzPvDA+UiSzoAZMhAFgH5JFaKSzJaYCkqPXVqtBmAIrO8OoI6b9QHNGGohRK1eDqBX WEJHAwIk05mmeiNaYYIHns4jPv9AI0fQm99GJj2Uai/DgpWQNe24X5XslYRPvZ0dS9+H vTF2cxpqf957t7Xh2MykblKSvqjz/LY9tHSFI= MIME-Version: 1.0 Received: by 10.223.4.144 with SMTP id 16mr528744far.36.1258078558691; Thu, 12 Nov 2009 18:15:58 -0800 (PST) Date: Thu, 12 Nov 2009 20:15:58 -0600 Message-ID: From: Randy Paries To: users@httpd.apache.org Content-Type: text/plain; charset=ISO-8859-1 X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] apache with 2 SSL Certs Problem Hello, i have a box with two domains CentOS release 5.3 Server version: Apache/2.2.3 initially the box only had one IP and domain. I went and got a SSL cert for that domain and everything was fine. i then went and added a second IP and a second Domain (eventually i planned to split these) I then created a test self signed cert for the second domain/IP (same NIC card) Since i have done that my first domain/IP SSL gives me the error message that it is the incorrect cert "cert belongs to a different site" and when i look at the cert via FF it is all localhost / self signed stufff i even yesterday tried to re-issue the old cert openssl req -new -key www.mydomain.com.key -out www.mydomain.com.csr I have removed the ssl on the second domain for now in my httpd,conf I am pointing to the key and crt i just created SSLEngine on SSLCertificateFile /etc/httpd/conf/ssl.crt/www.mydomain.com.crt SSLCertificateKeyFile /etc/httpd/conf/ssl.key/www.mydomain.com.key in the SSL error log i see [Thu Nov 12 09:26:41 2009] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Thu Nov 12 09:26:41 2009] [warn] RSA server certificate CommonName (CN) `localhost.localdomain' does NOT match server name!? I would really appreciate any help Randy --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See for more info. To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org " from the digest: users-digest-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org