> Can't mod_ssl handle separate certificates for each vhost?
Not for name based hosts. See the FAQ!
> If not, then why are
> the SSSCertificate(Key)File directives used in <VirtualHost> instead of
> being global?
Because <VirtualHost>s can also be IP or port based.
Could mod_ssl be changed to refuse to start up if name based virtual
secure hosts are set up, with an appropriate message ("READ THE FAQ!")
output to the Apache log files?
You'd probably want another configuration directive too,
SSLYesIHaveReadTheFAQ on
too override this new behavior for situations where someone doesn't
care about the browser errors (eg in a dev environment).
--
Paul McGarry mailto:[EMAIL PROTECTED]
Systems Integrator http://www.opentec.com.au
Opentec Pty Ltd http://www.iebusiness.com.au
6 Lyon Park Road Phone: (02) 9878 1744
North Ryde NSW 2113 Fax: (02) 9878 1755
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]