> While we're on this topic...
> Owen Boyle wrote .... on 01.03.26
>
> "This question comes up so often it ought to be in the .sig of the list... ", and
> this ends with "Use different port numbers for different SSL hosts".
>
> I personally don't know what the .sig would mean, but the last comment
> intriques me.
>
> By using different IP ports ... might something like the following work?
> For example:
I have made this work, however there are drawbacks to this solution.
1) you need at least 2 certs, one for the virtual hosting server and
the second one for the client (in our example, server.cert and
acme.com.cert). If you used self-signed certs, the user is asked
TWICE to accept the cert, one for the server.cert and secondly for the
acme.com cert.
2) when you contact https://acme.com, what you end up with in the
browser's location is actually "https://acme.com:8443". If someone
bookmarks this and you rearrange your port numbers, they're screwed.
<VirtualHost 192.168.1.1:443>
ServerAdmin [EMAIL PROTECTED]
ServerName acme.com
Redirect / https://acme.com:8443
SSLCertificateFile /path/to/original/server.cert
SSLCertificateKeyFile /path/to/original/server.key
</VirtualHost>
<VirtualHost 192.168.1.1:443>
ServerAdmin [EMAIL PROTECTED]
ServerName perigee.com
Redirect / https://perigee.com:8444
SSLCertificateFile /path/to/original/server.cert
SSLCertificateKeyFile /path/to/original/server.key
</VirtualHost>
<VirtualHost 192.168.1.1:8443>
ServerAdmin [EMAIL PROTECTED]
ServerName acme.com
DocumentRoot /var/www/acme.com
SSLCertificateFile /path/to/original/acme.com.cert
SSLCertificateKeyFile /path/to/original/acme.com.key
</VirtualHost>
<VirtualHost 192.168.1.1:8444>
ServerAdmin [EMAIL PROTECTED]
ServerName perigee.com
DocumentRoot /var/www/perigee.com
SSLCertificateFile /path/to/original/perigee.com.cert
SSLCertificateKeyFile /path/to/original/perigee.com.key
</VirtualHost>
By the way, in putting this email together, I actually tried this on
my server (with different names). One thing I did not get working was
using this in conjunction with VirtualDocumentRoot like this:
(replace first 2 virtual hosts above with this)
<VirtualHost 192.168.1.1:443>
ServerAdmin [EMAIL PROTECTED]
ServerName server.com
VirtualDocumentRoot /www/%0
Redirect /www/acme.com https://acme.com:8443
Redirect /www/perigee.com https://perigee.com:8444
SSLCertificateFile /path/to/original/server.cert
SSLCertificateKeyFile /path/to/original/server.key
</VirtualHost>
I could never get this to follow the redirects.
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]