I'm running: Apache/2.2.13 (Unix) mod_ssl/2.2.13 OpenSSL/0.9.8k
mod_jk/1.2.26
I have these two virtual hosts set up (I added a space between 'xten'
and 'it' to keep search engines from picking this email up) :
<VirtualHost 199.107.233.199:443 >
ServerName segments.xten it.com
<snip>
#use this virt host if the servername matches *.a.xten it.com
<VirtualHost 199.107.233.199:443 >
ServerName a.xten it.com
#ServerName can't have a *, it has to go in ServerAlias
ServerAlias *.a.xten it.com
I have these two virtual hosts because recently Firefox stopped
accepting our certificate that had *.*.xten it.com as the CN. I added a
new virtual host with a new certificate for *.a.xten it.com and this
setup works most of the time, but today I find that when I go to
https://thomasnet-m.a.xten it.com/ in Firefox I'm getting a ssl cert
warning because I'm getting the certificate for *.*.xten it.com instead
of the certificate for *.a.xten it.com. All other domains I have tried
like https://jks-m.a.xten it.com/ do work.
Now here's the kicker: When I click through the warning in Firefox my
logs show that I am going to the second virtual host, the one with the
that *.a certificate, even though I'm using the *.* certificate. So how
is it apache is sending me to the correct virtual host but serving up
the wrong certificate?
More tidbits:
I have the exact same setup on port 444, but port 444 is fine.
This was working for me yesterday. I restarted my desktop since then,
but not apache.
My browser is: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3)
Gecko/20090909 Fedora/3.5.3-1.fc11 Firefox/3.5.3
This problem has happened a few times since I installed the new
certificate but hasn't been reliably reproduceable.
Firefox 3.5.3 for windows (run in wine) does not have this problem.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org