Hécber and Lou, Oops. I missed the part in the original post about this being for SSL-enabled VirtualHosts :(...
Sorry for any confusion... Jim ---- "Hécber Córdova" <[email protected]> wrote: > Hi *, > > Certainly you can configure Apache to use virtualHosts based on domain > names, > and this works perfect with HTTP (1.1). However, this cannot be achieved > using > SSL, and the answer is simple, the SSL is established using the server IP, > and > during the SSL negotiation (handshake), there is no mention to > servername/domain, the server certificate/private keys are used during the > negotiation, and Apache needs to know what certificate is going to use (and > the virtual host must choose the certificate before even know what > virutalhost > name the client is referring to). After the SSL negotiation, the client will > send the HTTP request with the "host" clause (the host contains the domain > name of the server), but the certificate has been used in the negotiation. > > In few words, first the SSL is negotiated and then the virtualhost is > selected. > > With this in mind, the only options for running multiple virtual host > with > SSL are: assigning multiples IPs to the server or running each instance in a > different port. > > Regards, > > Hecber > > -----Original Message----- > From: [email protected] > [mailto:[email protected]] > On Behalf Of [email protected] > Sent: Monday, November 16, 2009 9:00 AM > To: [email protected] > Cc: Lou Picciano > Subject: Re: how to merge multiple public domain certs into one file? > > Hi, > > Unless I'm misunderstanding things, you *can*, by using ServerName inside > each > of the <VirtualHost> sections: > > http://httpd.apache.org/docs/2.0/vhosts/name-based.html > > Jim > > > ---- Lou Picciano <[email protected]> wrote: > > I didn't think it possible to server multiple virtual SSL domains from one > > Apache instance (on the same IP, at least). > > I suppose if you use different IP numbers this constraint goes away. Has > > something changed about Apache in this regard? > > > > > > Then, you have the matter of: If each virtual SSL domain setup must > > reference its own cert(s), how would this be accomplished if all your > > certs, > > for all domains, were consolidated into one big file? > > > > > > Lou Picciano > > > > ----- Original Message ----- > > From: "M C" <[email protected]> > > To: [email protected] > > Sent: Saturday, November 14, 2009 12:56:09 PM GMT -05:00 US/Canada Eastern > > Subject: how to merge multiple public domain certs into one file? > > > > Hi... > > I've been struggling with how to concatenate multiple public domain certs > > into one crt file. > > > > Basically, I have 5 SSL virtual host domains running on 1 apache httpd > > server and each host has a separate GeoTrust domain certificate. Instead of > > having 5 individual public *.crt files, is there anyway to merge them > > together into 1 file. > > > > Any information would be much appreciated. > > > > Thanks in advance, > > Michael > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [email protected] > Automated List Manager [email protected] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
