Sorry, no time to respond in detail for a day or two, this'll have to
do.
If you have your system misconfigured so that security credentials are
unavailable, that is a security issue, not a configuration issue.
A principal tenant of security is: "if something's broke, stop. NEVER
silently downgrade."
Perhaps if Apache provided a way to "disable" a single virtual server...
but it doesn't. So the tenant above forces a full-stop on the whole
thing.
Admittedly, the error messages could be better. That's a truisim in the
computer field. :)
/r$
PS: Nothing stopped you from bringing up a separate server on a
different port with all but the SSL vhost removed....
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
