"Dr. Peter Kanyion" wrote:
> 
> Hello folks,
> 
> I'll greatly appreciate any help you could offer in getting to the right
> solution to my problems. I'm acquainted with Apache and SSL, but I'm not a
> GURU.
> I have two domains, let's say mydomain1.com and mydomain2.com and a single
> registered IP address. Both domains are mapped to the single IP address and
> the domain lookup is working perfectly.
> 
> I've installed Apache 1.3.19 with mod_ssl version 2.8. Using the default
> configuration, I could access the domain mydomain1.com via http(80) and
> https(443) without problems.
> 
> Now I'm in the process of modifying the configuration to incorporate both
> domains. I've not been very successful in getting this accomplished.
> 
> Here is in summary what I actually want to accomplish.
> 
> I want to access mydomain1.com via http (80) and https (443) and
> mydomain2.com via http(80) and http(444). I have a single certificate.
> 
> Based on information gathered via threads in this mailing list, I understand
> that I could accomplish this using name-based virtual host.

Not quite. Name-based virtual-hosting doesn't work with SSL (see
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47 - the basic problem is
that you don't get the Host: header until everything is encrypted but
you can't encrypt anything until you know what cert to use - and that's
defined by the host header!).

However, this is not what you are doing. Since you are happy to use port
444, you are using port-based virtual-hosting which works fine with SSL.
The following should work:

Listen 80
Listen 443
Listen 444

<VirtualHost *:443> 
SSLEngine On
SSLCertificateFile ssl/server1.cert
SSLCertificateKeyFile ssl/server1.key
DocumentRoot "C:/websites/confidential_1"
</VirtualHost>

<VirtualHost *:444> 
SSLEngine On
SSLCertificateFile ssl/server2.cert
SSLCertificateKeyFile ssl/server2.key
DocumentRoot "C:/websites/confidential_2"
</VirtualHost>

Note that although you want to use a single certificate, this will lead
to problems - the cert contains the FQDN and this can only match one
site. So the other, non-matching site will generate "cert doesn't match
FQDN" warnings in the browser.

If this doesn't work, please explain what is going wrong.

Rgds,

Owen Boyle.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      [EMAIL PROTECTED]
Automated List Manager                            [EMAIL PROTECTED]
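
The certificate-name mismatch described in the reply above, as an added example that is not part of the original thread: it checks which port-based SSL virtual hosts would trigger a "cert doesn't match FQDN" warning. It goes slightly beyond the reply by also handling wildcard names; the function names and the (port, hostname, cert names) tuples are assumptions made for illustration.

```python
# Added example (not from the original thread): which port-based SSL vhosts
# will trigger a "cert doesn't match FQDN" browser warning?

def name_matches(hostname, pattern):
    """Match one certificate name against the requested hostname.

    Exact match is case-insensitive; a wildcard is honoured only as the
    whole left-most label ("*.example.com") and covers exactly one label.
    """
    host = hostname.lower().rstrip(".").split(".")
    pat = pattern.lower().rstrip(".").split(".")
    if len(host) != len(pat):
        return False
    if pat[0] == "*":
        # Require at least two fixed labels so "*.com" never matches.
        return len(pat) >= 3 and host[1:] == pat[1:]
    return host == pat


def cert_matches(hostname, cert_names):
    """True if any name in the certificate covers the hostname."""
    return any(name_matches(hostname, n) for n in cert_names)


def audit(vhosts):
    """Return (port, hostname) for every vhost whose cert will warn."""
    return [(port, host) for port, host, names in vhosts
            if not cert_matches(host, names)]


# Constructed data: the single certificate from the question, assumed to be
# issued for mydomain1.com, served on both ports of the reply's configuration.
SINGLE_CERT = ["mydomain1.com"]
SHARED = [(443, "mydomain1.com", SINGLE_CERT),
          (444, "mydomain2.com", SINGLE_CERT)]

# Constructed data: one certificate per site, as the separate server1.cert
# and server2.cert files in the reply's configuration imply.
SEPARATE = [(443, "mydomain1.com", ["mydomain1.com"]),
            (444, "mydomain2.com", ["mydomain2.com"])]

if __name__ == "__main__":
    print("single cert:", audit(SHARED))
    print("two certs  :", audit(SEPARATE))
```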
