Re: Message when starting ssl

Gilles L. Chong Hok Yuen Fri, 21 May 1999 01:36:27 -0700
Ok,
this is more on the DNS or Apache rather than ModSSL- but what the heck, just to
continue on the existing thread!

So im trying to change my name based vhosts to IP based. Commented off those
things: 1) Listen, 2) BindAddress, 3) NameVirtualHost in the httpd.conf.  Used
<VirtualHost 1.2.3.....> for vhost1 and <VirtualHost 4.5.6.....> for vhost2.

On my DNS, i have a Host Name corresponding to a unique Host Address (i.e IP
address) and then 1 Host Alias corresponding to a Host Name for each virtual host,
i.e

Host Name                    Host Address
a                                    1.2.3.....
b                                    4.5.6....

Host Alias                    Host Names
1                                    a
2                                    b

1 corresponds to the ServerName  1 in <VirtualHost 1.2.3....> for vhost 1 in my
httpd.conf file. Same for 2.

Somehow, when i do that, i cant get to both 1 and 2!!!!!

G.

Derek Smith wrote:

> Gilles,
>
> I belive that it is only possible to use IP based virtual hosts with SSL, so if
> you are using name based, your problem may be to do with that.
>
> Regards,
>
> Derek.
>
> "Gilles L. Chong Hok Yuen" wrote:
>
> > You are rite Derek!
> > So i created 2 priv keys (in ../ssl.key/) n 2 server certs (in ../ssl.crt/)
> > for my 2 virtual hosts- using the ssleay commands. Reading the server certs
> > #ssleay x509 -noout -text -in <name>.crt  gives 2 different cert contents.
> > Here is the prob:
> > In my httpd.conf file, I specifically point out each virtual host to their
> > respective cert n priv key:
> >
> > <VirtualHost 1>
> > SSLCertificateFile    /opt/apache/SSLapache_1.3.4/conf/ssl.crt/1.crt
> > SSLCertificateKeyFile /opt/apache/SSLapache_1.3.4/conf/ssl.key/1.key
> > </Virtual Host>
> >
> > <VirtualHost 2>
> > SSLCertificateFile    /opt/apache/SSLapache_1.3.4/conf/ssl.crt/2.crt
> > SSLCertificateKeyFile /opt/apache/SSLapache_1.3.4/conf/ssl.key/2.key
> > </VirtualHost>
> >
> > Starting the SSL server even asks for each virtual host's respective password
> > (*as pointed out by Derek*).
> >
> > Here is the prob:
> > On the browser, going on those 2 sites gives the SAME certificate info. More
> > precisely info on the virtual host listed first in the httpd.conf file. If i
> > place the <VirtualHost 2> ... </VirtualHost> BEFORE <VirtualHost 1> ...
> > </VirtualHost>, then both sites display the info on cert belonging to v host
> > 2. Basically, which comes first have total control!
> > Testing with 1 virtual host at a time gives the proper result. URL 1 will
> > display cert info of virtual host 1. 2 will be 2. But putting those 2 virtual
> > hosts together, the first one listed in the httpd.conf will have priority and
> > total control!!!!!
> >
> > N i can get in both sites even if the cert belonging to the respective server
> > doesnt correspond to that particular server.
> >
> > Any idea why?
> >
> > G.

--
Gilles Chong ([EMAIL PROTECTED], [EMAIL PROTECTED])
Systems Engineer, Internet Division
CSA Automated Pte Ltd, Singapore.


______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
Re: Message when starting ssl

Reply via email to
