Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id BBDCC986F for ; Fri, 17 May 2013 06:26:41 +0000 (UTC) Received: (qmail 66519 invoked by uid 500); 17 May 2013 06:26:38 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 66388 invoked by uid 500); 17 May 2013 06:26:34 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 66368 invoked by uid 99); 17 May 2013 06:26:33 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 May 2013 06:26:33 +0000 X-ASF-Spam-Status: No, hits=-0.0 required=5.0 tests=RCVD_IN_DNSWL_NONE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (nike.apache.org: domain of go4unkwn@gmx.net designates 212.227.17.22 as permitted sender) Received: from [212.227.17.22] (HELO mout.gmx.net) (212.227.17.22) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 17 May 2013 06:26:26 +0000 Received: from mailout-de.gmx.net ([10.1.76.27]) by mrigmx.server.lan (mrigmx001) with ESMTP (Nemesis) id 0MhgAH-1UqeMR35gh-00Mtf0 for ; Fri, 17 May 2013 08:26:04 +0200 Received: (qmail invoked by alias); 17 May 2013 06:26:04 -0000 Received: from 46-126-240-15.dynamic.hispeed.ch (EHLO [192.168.5.160]) [46.126.240.15] by mail.gmx.net (mp027) with SMTP; 17 May 2013 08:26:04 +0200 X-Authenticated: #150088261 X-Provags-ID: V01U2FsdGVkX19hhsE0i4BhrkJSKPVnJ5ExBPGsX33rrTFlk/ZfG2 J7aTEObPsl5w9V Message-ID: <5195CD78.2060309@gmx.net> Date: Fri, 17 May 2013 08:26:00 +0200 From: Roland Wegmann User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:17.0) Gecko/20130509 Thunderbird/17.0.6 MIME-Version: 1.0 To: users@httpd.apache.org Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit X-Y-GMX-Trusted: 0 X-Virus-Checked: Checked by ClamAV on apache.org Subject: [users@httpd] Security using alias directive in a https vhost Dear apache2 experts I run three name-based apache2 vhosts on an Ubuntu 12.04 LTS server. I can reach all three vhosts from the internet using https and FQDN. My CA is CACert and I adapted the original default-ssl (in sites-available) config file for my three vhosts. So lets the three name-based vhost call example.com foo1.example.com foo2.example.com for example. I can reach them from the internet using https://example.com https://foo1.example.com https://foo2.example.com Now I have added to alias directives in the vhost config file of example.com Alias /foo1 "/var/www/foo1.example.com/public" Options Indexes MultiViews FollowSymLinks AllowOverride all Order allow,deny Allow from all Alias /foo2 "/var/www/foo2.example.com/public" Options Indexes MultiViews FollowSymLinks AllowOverride all Order allow,deny Allow from all so I can reach the three vohosts using https://example.com https://example.com/foo1 https://example.com/foo2 Now my question is: when I use the alias directives for foo1 and foo2, what happens whit the ssl encription in relation to foo1 and foo2? Does foo1 and foo2 use the ssl encription from example.com? Or are logins and the data excange from and to foo1 and foo2 unencrypted? Kind regards, Roland --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org For additional commands, e-mail: users-help@httpd.apache.org