On Wed, Apr 11, 2018 at 1:07 PM, Yann Ylavic <ylavic....@gmail.com> wrote:
> On Wed, Apr 11, 2018 at 7:03 PM, Joe Orton <jor...@redhat.com> wrote:
>> Like this? Is this likely to break some other currently-working config?
>>
>> Index: modules/ssl/ssl_engine_init.c
>> ===================================================================
>> --- modules/ssl/ssl_engine_init.c (revision 1828914)
>> +++ modules/ssl/ssl_engine_init.c (working copy)
>> @@ -261,7 +261,8 @@
>> * the protocol is https. */
>> if (ap_get_server_protocol(s)
>> && strcmp("https", ap_get_server_protocol(s)) == 0
>> - && sc->enabled == SSL_ENABLED_UNSET) {
>> + && sc->enabled == SSL_ENABLED_UNSET
>> + && (!apr_is_empty_array(sc->server->pks->cert_files))) {
>> sc->enabled = SSL_ENABLED_TRUE;
>> }
>
> So now your configuration would work because the second vhost wouldn't
> have SSL enabled?
> But doesn't the user want SSL on this vhost in the first place?
If they worked before, it seems like they were relying on a handshake
with the default VH for the NVH -- which they still get?
--
Eric Covener
cove...@gmail.com
