httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Markus Mayer <>
Subject Re: [users@httpd] Re: Are multiple <VirtualHost *:80 *:443> ok with wildcard cert ?
Date Thu, 16 Mar 2006 12:48:53 GMT

OK, I didn't make my point very well actually.  Yes it works even when you 
have multiple ssl hosts on the same IP.  The problem is only one certificate 
is valid, and the browser will put up a message saying something like the 
certificate is valid but not issued for this host.  This is the thing that 
doesn't work that I was talking about.  As for a wildcard certificate, I 
actually haven't heard of one, which of course doesn't say they don't exist.

So, to answer your question, yes, what you have will run, but it doesn't 
really make much sence, especially if you have to provide a commercial 
solution, as I do.

greetings from Austria

On Thursday 16 March 2006 12:55, Frédéric Jolliton wrote:
> Hi Markus,
> [..]
> >> Again, there is no problems with this config, but I was just
> >> wondering about its validity.
> [..]
> > Actually, having multiple HTTPS virtual hosts on the same IP address
> > is not possible becasue of limitations in SSL itself.
> Are you sure you read my message in details ? I presented a *working*
> configuration (I'm running it on my server.)
> It's possible to have several https virtual hosts on the same IP
> address (on the same port), as long as the certificate's 'cn' field
> match all the corresponding domain names. So you need a wildcard
> certificate (and client supporting at least one '*' wildcard.) And to
> be more precise, it works even without any valid 'cn' as long as the
> client process https without taking care of the certificate (useless
> and bad, but possible.)
> I asked because I would like to know if it's fine to configure the
> server as shown in my original message.

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message