Dear all,
Apologies for what might seem like a newbie,
already-answered-a-million-times question, but I can't seem to find a
definitive solution which works for me in the list's archive.
Problem: Am running Apache/1.2.5 Ben-SSL/1.13 mod_perl/1.08 on Linux
2.0.27. Having compiled in the SSL stuff and got httpsd working with a
single host + Thawte test certificate, I've now been trying to set up
virtual hosting using Thawte test certificates. Let's say the hosts
are:
www.foo.com
www.bar.com
When I access
https://www.foo.com
Netscape brings up the standard security dialog boxes and when I look in
more info I can see the Thawte test certificate corresponding to www.foo.com.
When I now try to access
https://www.bar.com
the browser will bring up the same security dialog box, but imporantly
with the same certificate (ie the one belonging to www.foo.com).
If I hit the OK/Next button's on the ensuing dialog boxes, Netscape will
eventually display an error dialog box "The server has encountered bad
data from the client". From there on, https://www.bar.com is inaccessible
unless I restart Netscape.
If I reverse the order in which I visit the two sites, I get the same
symptoms but the other way round, ie the certificate belonging to www.bar.com
appears when I visit www.foo.com, and again I eventually hit "The server
has encountered bad data from the client".
I am truly at my wit's end... can anyone help? It couldn't be that I'm
using test certificates????
Here's a bit more information if it helps:
A sample from the error logs:
[Tue Apr 7 18:37:17 1998] SSL_Accept failed
[Tue Apr 7 18:37:17 1998] error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert
handshake failure
[Tue Apr 7 18:45:18 1998] SSL_Accept failed
[Tue Apr 7 18:45:18 1998] error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
certificate
[Tue Apr 7 18:50:38 1998] SSL_Accept failed
[Tue Apr 7 18:50:38 1998] error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
certificate
The httpd.conf looks like this overall:
BindAddress *
Listen 443
Listen 80
SSLDisable
<virtualhost www.foo.com:80>
### normal http site/directives
</virtualhost>
<virtualhost www.foo.com:443>
SSLCertificateFile /files/certs/www.foo.com.crt
SSLCertificateKeyFile /files/certs/www.foo.com.key
SSLLogFile /dev/null
### usual directives eg documentroot, scriptalias etc
</virtualhost>
<virtualhost www.bar.com:80>
### normal http site/directives
</virtualhost>
<virtualhost www.bar.com:443>
SSLCertificateFile /files/certs/www.bar.com.crt
SSLCertificateKeyFile /files/certs/www.bar.com.key
SSLLogFile /dev/null
### usual directives eg documentroot, scriptalias etc
</virtualhost>
Alex
PS I would be VERY grateful for help, documentation, pointers, urls,
whatever...
Alex Nunes
Transaxion Ltd
8-10 Haymarket, London SW1Y 4BP, UK
Tel: 00 44 (0) 171 925 2522
Mobile: 00 44 (0) 411 344 779
Email: [EMAIL PROTECTED]
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
