On Fri, Apr 21, 2000 at 11:11:23AM -0500, Wes Campbell wrote:
> I am currently running an apache server on Linux with two c-names. I am
> trying to use a different certificate for each c-name. I ran "make
> certificate TYPE=test" twice to get two test certificates, one for each .
> The module is working fine. When I go to the first c-name, it just gives me
> the ol' "CA not valid", however when I go to the second c-name, it's using
> the certificate from the first. I checked my httpd.conf settings and each
> c-name is pointing at a different Cert and Key file. I can't think of
> anywhere else to check settings.
>
> If anyone else has done this, or someone sees a point of ignorance in my
> logic, I would appreciate and information you might have. Thanks in
> advance.
It really is quite simple - cnames and server certificates don't go very
well together. The problem is that the server certificate is sent to the
client during the initial SSL handshake, long before the client can tell
the server which virtual host it wants. That's the way the SSL spec is.
The only way to do it is to have one ip for each server certificate.
vh
Mads Toftum
--
`Darn it, who spiked my coffee with water?!' - lwall
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
