Thanks for the Reploy Luca. so i shall be listing all the possible IP:port in the virtualhost.conf file instead of just *:443 and that should make this work.
Let me try this out. --Chetan On Tue, Jul 25, 2017 at 6:16 AM, Luca Toscano <toscano.l...@gmail.com> wrote: > As Eric pointed out earlier on: > > > The file names don't matter very much. What matters is whether they > > are separate IP:PORT based vhosts. If they're not, they can't have > > separate SSL configurations. > > In all files you have <VirtualHost *:443> and you use a different > ServerName to differentiate. I am not a big expert but I believe that what > Eric is saying is that if you want to use a different SSL configuration on > one VirtualHost you can with the constraint that the IP:PORT (stated in > <VirtualHost IP:PORT>) is unique and not used in another VirtualHost block. > > Luca > > 2017-07-25 12:01 GMT+02:00 chetan jain <cpjai...@gmail.com>: > >> Hi Luca, >> >> I have uploaded the content : >> >> https://apaste.info/t5ez >> >> Please review. >> >> --Chetan >> >> On Tue, Jul 25, 2017 at 4:17 AM, Luca Toscano <toscano.l...@gmail.com> >> wrote: >> >>> Hi, >>> >>> we'd need to get your vhost configuration before helping further on, as >>> Eric mentioned you have probably some overlapping but it is very difficult >>> to debug only from your description. If you can put your configuration in >>> https://apaste.info/ it would be great, otherwise I'd suggest to reach >>> out to the folks in #httpd (IRC Freenode) to get some live help. >>> >>> Luca >>> >>> >>> 2017-07-25 6:45 GMT+02:00 chetan jain <cpjai...@gmail.com>: >>> >>>> Hi All, >>>> >>>> Any more input on this? >>>> >>>> --Chetan >>>> >>>> On 21 Jul 2017 10:40 p.m., "chetan jain" <cpjai...@gmail.com> wrote: >>>> >>>>> Hi Eric, >>>>> >>>>> Thanks for the reply. >>>>> We have a different server alias for each of the host, It does get >>>>> honoured that is how requests go to correct sites. >>>>> >>>>> It's just that something with the SSLProtocol, i read somewhere after >>>>> googling that SSLProtocol are taken from the first virtual host which is >>>>> loaded and rest are ignored, trying to seek confirmation if that is >>>>> correct...and what can be done to achieve the needful >>>>> >>>>> On 21 Jul 2017 5:09 p.m., "Eric Covener" <cove...@gmail.com> wrote: >>>>> >>>>>> On Fri, Jul 21, 2017 at 2:37 AM, chetan jain <cpjai...@gmail.com> >>>>>> wrote: >>>>>> > Hi All, >>>>>> > >>>>>> > We have an Apache WebServer (2.2.15) setup on CentOS 6 where in >>>>>> httpd,conf >>>>>> > we have included conf.d/*.conf files which has configuration for >>>>>> all the >>>>>> > virtual hosts. >>>>>> > >>>>>> > In conf.d we have respective .conf file for each of the virtual >>>>>> hosts like : >>>>>> > >>>>>> > abc_com.conf for abc.com >>>>>> > xyz_com.conf for xyz.com >>>>>> > >>>>>> > etc >>>>>> > >>>>>> > now I want to disable the TLSv1.0 and SSLv3 request only for one of >>>>>> this >>>>>> > virtual hosts, but even if i put the values like : >>>>>> > >>>>>> > SSLProtocol ALL -SSLv3 -SSLv2 -TLSv1 -TLSv1.1 in >>>>>> xyz_com.conf >>>>>> > file TLSv1.0 and 1.1 are still enabled for xyz.com >>>>>> > >>>>>> > to disable it, I have to put the same value in abc_com.conf file as >>>>>> well, >>>>>> > then only it get disabled for xyz.com as well (even if i remove >>>>>> the paramter >>>>>> > from xyz_com.conf in that case it is still disabled) >>>>>> > >>>>>> > can't we have different SSLProtocol for different virtual hosts? >>>>>> > >>>>>> > I can not disable it for all the websites, have to do it for only >>>>>> one of >>>>>> > them, how can i achieve this? >>>>>> >>>>>> The file names don't matter very much. What matters is whether they >>>>>> are separate IP:PORT based vhosts. If they're not, they can't have >>>>>> separate SSL configurations. >>>>>> >>>>>> >>>>>> -- >>>>>> Eric Covener >>>>>> cove...@gmail.com >>>>>> >>>>>> --------------------------------------------------------------------- >>>>>> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org >>>>>> For additional commands, e-mail: users-h...@httpd.apache.org >>>>>> >>>>>> >>> >> >
