This is starting to bother me.  I have multiple certs for multiple sites.  I
end up with one of two results when attempting to configure virtual servers.
If I set up my httpd.conf.ssl file like so (this is an excerpt which I am
aware is wrong)...

NameVirtualServer xxx.xxx.xxx.1:443

<VirtualServer xxx.xxx.xxx.1:443>
....serverinfo...
....server certlocation...
...etc...
</VirtualServer>
<VirtualServer xxx.xxx.xxx.1:443>
....server2info...
....server 2 certlocation...
...etc...
</VirtualServer>


This way, as expected, I get only the first certificate regardless of which
site I access.
If I set it up with two virtual IPs, or one IP and 2 ports (443 and 444), I
get sent to the first SITE, no matter what.  I'm posting an abridged version
of my current httpd.conf.ssl (ssl only...regular http is in httpd.conf) file
for all to laugh at.  Feel free to give suggestions.

--------------------httpd.conf.ssl follows-------------------------
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
</IfDefine>
<IfModule mod_ssl.c>
SSLPassPhraseDialog     builtin
SSLSessionCache         dbm:var/logs/ssl_scache
SSLSessionCacheTimeout  300
SSLMutex  file:var/logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random  512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random  512
#SSLRandomSeed connect file:/dev/urandom 512
SSLLog      var/logs/ssl_engine_log
SSLLogLevel info

</IfModule>
<IfDefine SSL>

NameVirtualHost xxx.xxx.xxx.1:443
NameVirtualHost xxx.xxx.xxx.1:444


<VirtualHost xxx.xxx.xxx.1:443>

        ServerAdmin [EMAIL PROTECTED]
        DocumentRoot /www/domain.com/adm-toc
        ServerName adm-toc.domain.com
        Port 443
        <Directory />
           Options Indexes IncludesNoExec ExecCGI FollowSymLinks
           AllowOverride All
        </Directory>

        ScriptAlias     /cgi-bin        /www/domain.com/adm-toc/cgi-bin
        Alias /b4hos/   /www/domain.com/b4hos/
        Alias /assets/  /www/domain.com/assets/

        ErrorLog "/www/domain.com/logs/adm_toc-error_log"
        LogFormat "%h %l %u %t \"%r\" %>s %b" common
        CustomLog /www/domain.com/logs/adm_toc-access_log common

        SSLEngine on
        SSLCertificateFile /www/domain.com/conf_apache/adm-toc/crt/server.crt
        SSLCertificateKeyFile /www/domain.com/conf_apache/adm-toc/key/server.key
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
        CustomLog /www/domain.com/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>                                  

<VirtualHost xxx.xxx.xxx.1:444>

        ServerAdmin [EMAIL PROTECTED]
        DocumentRoot /www/domain.com/control
        ServerName control.domain.com
        Port 444
        <Directory />
           Options Indexes IncludesNoExec ExecCGI FollowSymLinks
           AllowOverride All
        </Directory>

        ScriptAlias     /cgi-bin        /www/domain.com/cgi-bin
        Alias /billing/ /www/domain.com/adm-toc/billing
        Alias /b4hos/   /www/domain.com/b4hos/
        Alias /assets/  /www/domain.com/assets/

        ErrorLog "/www/domain.com/logs/control-error_log"
        LogFormat "%h %l %u %t \"%r\" %>s %b" common
        CustomLog /www/domain.com/logs/control-access_log common

        SSLEngine on
        SSLCertificateFile /www/domain.com/conf_apache/control/crt/server.crt
        SSLCertificateKeyFile /www/domain.com/conf_apache/control/key/server.key
        SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
        CustomLog /www/domain.com/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>                                  

</IfDefine>
-----------------------end of httpd.conf.ssl-----------------------

Adrian Stovall  
Senior Consultant
[EMAIL PROTECTED]

PFK Business Systems, Inc.
Voice   (972) 621-0300  
Fax     (972) 621-0507 

______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
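
Added example, not part of the original message: a small Python check for the situation in the first excerpt, where several SSL virtual hosts share one address:port but name different certificates, so only the first certificate is ever presented. The address 192.0.2.1 and the third host are constructed sample values, and the function names are hypothetical.

```python
import re
from collections import defaultdict

SAMPLE_CONF = """# Constructed sample: the post's first excerpt, with real directive names.
<VirtualHost 192.0.2.1:443>
    ServerName adm-toc.domain.com
    SSLEngine on
    SSLCertificateFile /www/domain.com/conf_apache/adm-toc/crt/server.crt
</VirtualHost>
<VirtualHost 192.0.2.1:443>
    ServerName control.domain.com
    SSLEngine on
    SSLCertificateFile /www/domain.com/conf_apache/control/crt/server.crt
</VirtualHost>
<VirtualHost 192.0.2.1:444>
    ServerName other.domain.com
    SSLEngine on
    SSLCertificateFile /www/domain.com/conf_apache/other/crt/server.crt
</VirtualHost>
"""

def parse_ssl_vhosts(conf_text):
    """Return (address, server_name, cert_path) for each SSL-enabled <VirtualHost>."""
    found, cur = [], None
    for raw in conf_text.splitlines():
        m = re.match(r"\s*([^#\s]\S*)\s*(.*?)\s*$", raw)
        if not m:
            continue  # blank line or comment
        key, value = m.group(1).lower(), m.group(2).strip('"')
        if key == "<virtualhost":
            cur = {"addrs": value.rstrip(">").split(), "servername": "",
                   "sslcertificatefile": "", "sslengine": ""}
        elif key == "</virtualhost>" and cur:
            if cur["sslengine"].lower() == "on":
                found += [(a, cur["servername"], cur["sslcertificatefile"])
                          for a in cur["addrs"]]
            cur = None
        elif cur and key in ("servername", "sslcertificatefile", "sslengine"):
            cur[key] = value
    return found

def cert_collisions(conf_text):
    """Map address:port -> [(server_name, cert)] where more than one cert is configured."""
    by_addr = defaultdict(list)
    for addr, name, cert in parse_ssl_vhosts(conf_text):
        by_addr[addr].append((name, cert))
    return {a: v for a, v in by_addr.items() if len({c for _, c in v}) > 1}

if __name__ == "__main__":
    print(cert_collisions(SAMPLE_CONF))
```

Each address:port in the result lists its hosts in file order, so the first entry is the certificate clients actually receive and the rest are the ones that are never offered.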