This question is related to one I already posted to Canonical's Launchpad site 
for Ubuntu support: 
https://answers.launchpad.net/ubuntu/+source/apache2/+question/233966

We are using Apache 2.2.22 as provided with Ubuntu 12.04. We are hosting a 
website for another company. Our FQDN is something like site5.company.com. The 
other company also has their DNS pointing to our IP for their users, something 
like site.othercompany.com. Both are A records.

We would like to enable SSL but still be able to get to the server without SSL 
(same content served from both ports 80 and 443). We would like to use one SSL 
cert for all hostnames used to reach the server - so the server should be 
reachable from site5.company.com and site.othercompany.com, both using the same 
cert. We are okay with getting browser warnings when going to site5.company.com.

To be clear, we do not want to distinguish the request by hostname.  We don't 
care if the request is for site5.company.com, site.othercompany.com, or 
foo.bar.  All requests should get the same content.  The only thing we want to 
distinguish is the port.  The only difference should be that if the request is 
over port 443, then SSL should be enabled.  

So if I understand, I should not need name-based vhosts.  Using the _default_ 
wildcard, I shouldn't even need to use the ServerName directive in each vhost, 
although it may be recommended to avoid DNS lookups.  However, I would prefer 
if I did not have to duplicate the same configuration twice (ports 80 and 443) 
for all possible hostnames just to add more ServerName directives.  It seems 
like there should be a better way.

We have a configuration that seems to work for most clients (posted on 
Launchpad).  However, some are unable to connect over SSL.  It seems to be an 
issue specific to how SSL is implemented on Ubuntu 12.04.  I would like to 
clarify how this should correctly be configured.  

I can certainly provide more information if it is necessary, including 
configuration files.  I appreciate any help you can provide.

--
Anthony J. DeCusati
adecus...@ctdlc.org



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Reply via email to