Hi Jon! Your problem lies in that you have name-based and not IP based virtual host for the ssl ones! The faq at modssl explains better why.... change it to 2 ip based and your in the clear! / HTH Jimmy
At 10:16 2002-06-28 +0100, you wrote: >Hi all, > >Apologies if this has been asked before - I'm very new to this list. > >I'm running Apache 1.3.26 with mod-ssl 2.8.9-1.3.26. There are many domains >on the box in question (40ish) and 2 of them use SSL. For the sake of >argument let's call them example.com and example2.com - these are both >name-based virtual servers. > >I've created certificates for them using the ssl.ca package - I created my >own root CA and then generated/signed certificates for both domains, >providing the correct CN in each case. > >So we have example.com CA key signing server certificates for >www.example.com and www.example2.com. > >Whenever I go to https://www.example.com/ - it works great. No problems >whatsoever. However with https://www.example2.com/ it seems to be using the >certificate for www.example.com - IE pops up the error saying that the name >on the cert doesn't match the site name. > >The thing that is baffling me is that this *did* work at one point. I first >set up SSL and got it working perfectly for both domains around about July >last year - using whatever was the latest version at that point. > >The ssl_engine_log file shows the following for a request for a single HTML >file on www.example2.com > >[28/Jun/2002 10:14:04 01309] [info] Connection to child 6 established >(server www.example.com:443, client 217.135.39.70) >[28/Jun/2002 10:14:04 01309] [info] Seeding PRNG with 23177 bytes of >entropy >[28/Jun/2002 10:14:04 01309] [info] Connection: Client IP: 217.135.39.70, >Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits) >[28/Jun/2002 10:14:04 01309] [info] Connection to child 6 closed with >standard shutdown (server www.example.com:443, client 217.135.39.70) >[28/Jun/2002 10:14:06 01310] [info] Connection to child 7 established >(server www.example.com:443, client 217.135.39.70) >[28/Jun/2002 10:14:06 01310] [info] Seeding PRNG with 23177 bytes of >entropy >[28/Jun/2002 10:14:07 01310] [info] Connection: Client IP: 217.135.39.70, >Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits) >[28/Jun/2002 10:14:07 01310] [info] Initial (No.1) HTTPS request received >for child 7 (server www.example2.com:443) >[28/Jun/2002 10:14:07 01310] [info] Connection to child 7 closed with >unclean shutdown (server www.example2.com:443, client 217.135.39.70) > >THe useful parts of my httpd.conf are in the attached file. > >If anyone could help with this I'd be extremely grateful. > >Cheers, >Jon. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
