DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=42923>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=42923 ------- Additional Comments From [EMAIL PROTECTED] 2007-07-18 17:45 ------- Hi Eric Thank you for your response. However I am not using the same IP:port combo for different vhosts. Each vhost is on a unique IP addresses. Perhaps this was not entirely clear in my original message. Let me attempt to spell this out further, with an Example. If the machine has * eth0 configured as a.b.c.1 * eth0:1 configured as a.b.c.100 * eth0:2 configured as a.b.c.101 If Apache is running with the default RedHat default config - ie. with only the _default_:443 Vhost (and a Listen 443) - then here's what I see https://a.b.c.1/ -> _default_:443 certificate, document root and logs. https://a.b.c.100/ -> _default_:443 certificate, document root and logs https://a.b.c.101/ -> _default_:443 certificate, document root and logs This is correct behaviour in my opinion. There is no specific match, so Apache uses _default_:443. Ok. I then make my own vhost, which is listening on a.b.c.1:443. Let's call this vhost "V1", to keep this next section readable. Note that this address is the address of the interface "eth0". I then try and access the web sites, and here's what I see this time: https://a.b.c.1/ -> _default_:443 certificate, but V1's document root and logs https://a.b.c.100/ -> _default_:443 certificate, document root and logs https://a.b.c.101/ -> _default_:443 certificate, document root and logs The behaviour for https://a.b.c.1/ is, IMHO, a bug. I am getting the cert for _default_:443, not for the vhost I'm referring to as V1. Okay. Now lets CHANGE the IP address in the vhost config. This means that there are still only 2 vhosts, the _default_:443 one, and my locally added one. Except this time instead of a.b.c.1:443, my local vhost is on a.b.c.100:443. For readability, let's call this version of my local Vhost "V100". Note again, that this IP address corresponds to an IP alias, not eth0. https://a.b.c.1/ -> _default_:443 certificate, document root and logs. https://a.b.c.100/ -> V100's certificate, document root and logs https://a.b.c.101/ -> _default_:443 certificate, document root and logs Everything is fine. This is what we should expect. Okay, so now I change the vhost over to IP address a.b.c.101, and try again. Call this vhost V101, for the sake of readability. https://a.b.c.1/ -> _default_:443 certificate, document root and logs. https://a.b.c.100/ -> _default_:443 certificate, document root and logs https://a.b.c.101/ -> V101's certificate, document root and logs Again. This all seems fine. If instead of one local vhost, I make 2; the ones I referred to as V100 and V101, then they both work fine. The only one which does not work correctly, is "V1". I can change the order in which the vhosts are defined. It makes no difference. Although Apache is serving the content from V1's DocumentRoot, and writing to V1's access log and error log, it does not present V1's Certificate. It only ever presents the cert from _default_:443. Perhaps I am mistaken, but I this to me is a bug. I've tested this on multiple machines all running the same OS and httpd. They have different IP addresses. The only thing which is common, is that cert for _default_:443 always leaks onto the vhost on eth0. The other ethernet interfaces (including IP aliases) are always fine. I hope that this helps clarify the situation. cheers /\ndy -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
