> I have made this work, however there are drawbacks to this solution. Grrr, I take it back, I can't reproduce it now. I still get the "name check, site name does not match certificate" warning before it follows the redirect.
> 1) you need at least 2 certs, one for the virtual hosting server and > the second one for the client (in our example, server.cert and > acme.com.cert). If you used self-signed certs, the user is asked > TWICE to accept the cert, one for the server.cert and secondly for the > acme.com cert. > > 2) when you contact https://acme.com, what you end up with in the > browser's location is actually "https://acme.com:8443";. If someone > bookmarks this and you rearrange your port numbers, they're screwed. > > > <VirtualHost 192.168.1.1:443> > ServerAdmin [EMAIL PROTECTED] > ServerName acme.com > Redirect / https://acme.com:8443 > SSLCertificateFile /path/to/original/server.cert > SSLCertificateKeyFile /path/to/original/server.key > </VirtualHost> > > <VirtualHost 192.168.1.1:443> > ServerAdmin [EMAIL PROTECTED] > ServerName perigee.com > Redirect / https://perigee.com:8444 > SSLCertificateFile /path/to/original/server.cert > SSLCertificateKeyFile /path/to/original/server.key > </VirtualHost> > > > <VirtualHost 192.168.1.1:8443> > ServerAdmin [EMAIL PROTECTED] > ServerName acme.com > DocumentRoot /var/www/acme.com > SSLCertificateFile /path/to/original/acme.com.cert > SSLCertificateKeyFile /path/to/original/acme.com.key > </VirtualHost> > > <VirtualHost 192.168.1.1:8444> > ServerAdmin [EMAIL PROTECTED] > ServerName perigee.com > DocumentRoot /var/www/perigee.com > SSLCertificateFile /path/to/original/perigee.com.cert > SSLCertificateKeyFile /path/to/original/perigee.com.key > </VirtualHost> ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
