Actually it is possible since a wildcard certificate is being used
As long as each virtual host is valid for that certificate everything
will work.
Example wildcard certificate for *.mydomain.com
and the following virtual hosts
<VirtualHost *:80 *:443>
ServerName www.mydomain.com
...
</VirtualHost>
<VirtualHost *:80 *:443>
ServerName www2.mydomain.com
...
</VirtualHost>
The wildcard certificate is valid for both virtual hosts so this
scenario will work
On 16-Mar-06, at 7:48 AM, Markus Mayer wrote:
Hi,
OK, I didn't make my point very well actually. Yes it works even
when you
have multiple ssl hosts on the same IP. The problem is only one
certificate
is valid, and the browser will put up a message saying something
like the
certificate is valid but not issued for this host. This is the
thing that
doesn't work that I was talking about. As for a wildcard
certificate, I
actually haven't heard of one, which of course doesn't say they
don't exist.
So, to answer your question, yes, what you have will run, but it
doesn't
really make much sence, especially if you have to provide a commercial
solution, as I do.
greetings from Austria
Markus
On Thursday 16 March 2006 12:55, Frédéric Jolliton wrote:
Hi Markus,
[..]
Again, there is no problems with this config, but I was just
wondering about its validity.
[..]
Actually, having multiple HTTPS virtual hosts on the same IP address
is not possible becasue of limitations in SSL itself.
Are you sure you read my message in details ? I presented a *working*
configuration (I'm running it on my server.)
It's possible to have several https virtual hosts on the same IP
address (on the same port), as long as the certificate's 'cn' field
match all the corresponding domain names. So you need a wildcard
certificate (and client supporting at least one '*' wildcard.) And to
be more precise, it works even without any valid 'cn' as long as the
client process https without taking care of the certificate (useless
and bad, but possible.)
I asked because I would like to know if it's fine to configure the
server as shown in my original message.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
