On 06/10/2014 10:41 AM, Stephan Seitz wrote:
>> In the end, I ended up with TWO blocks in the Apache
>> config after all. All works now, as long as you remember to add
>> "NameVirtualHost *:443"!
>>
>> For reference, the following is my full Apache config for HTTPS on
>> keyserver.zap.org.au:
>
> In the end, I ended up with TWO blocks in the Apache
> config after all. All works now, as long as you remember to add
> "NameVirtualHost *:443"!
>
> For reference, the following is my full Apache config for HTTPS on
> keyserver.zap.org.au:
Since some clients don't use SNI, I'ld swap the ent
Hi, Phil et al.,
> > To clarify: I want to serve my own ZAP Group certificate when HTTPS
> > queries come to keyserver.zap.org.au, and the sks-keyservers.net
> > certificate when queries come to *.sks-keyservers.net. Can I do
> > this with ONE block in Apache, or must I use two?
>
> I can't defi
On 2014-06-02 at 08:51 +1000, John Zaitseff wrote:
> To clarify: I want to serve my own ZAP Group certificate when HTTPS
> queries come to keyserver.zap.org.au, and the sks-keyservers.net
> certificate when queries come to *.sks-keyservers.net. Can I do
> this with ONE block in Apache, or must I
Hi, Martin,
> Again, I'm sorry I missed the point of the question.
Not at all! And thanks for your suggestions, too!
John
--
John Zaitseff,--_|\The ZAP Group
Phone: +61 2 9643 7737 / \ Sydney, Australia
E-mail: j.zaits...@zap.org.au \_,--._* http://
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
AFAIK you need two. I'm sorry, I missed the point, you have a
special case (as far as apache is concerned), one virtual host, but
two certificates need to be presented on demand. So, AFAIK/IMHO you
need to have two virtual hosts just for the s
Hi,
> This link might help.
> https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
Thanks, Martin. However, I've already read that, and it doesn't
answer my specific question.
To clarify: I want to serve my own ZAP Group certificate when HTTPS
queries come to keyserver.zap.org.au, and the sk
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
This link might help.
https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
However this relies on an extension to TLS calles SNI (server name
indication), which sadly isn't implemented in all clients, some less
popular or older browsers for exa
Hi,
I am setting up https://keyserver.zap.org.au/ to be used by
hkps.pool.sks-keyservers.net. I am trying to serve different SSL
certificates depending on the incoming hostname. Does anyone know
if this is possible within the SAME VirtualHost configuration block
under Apache?
My current configu
