Jörn Nettingsmeier wrote:
Markus Angst wrote:
Hi Jörn,
> ...
the pain starts when using ssl: as you may know, it is not possible to
have name-based virtual ssl hosts, because you can only have one ssl
certificate and alternative vhost names would not match the server
name in that certificate.
>>
Yes, that's what the Apache documentation says. Not sure if this is
true... We are running Apache 2.2.4 and the following works on our
development machines (sorry it's a bit lenghty):
i think it will only work if you do not care about security (i.e.
educate your users to click away any bogus certificate warnings).
Of course I don't want to do that. My browser always gives me a warning when the
domain of a certificate does not match the domain of the server. When using the
setting I posted, there is no such warning and when I view the certificates in
the browser they match correctly.
here's an explanation:
http://fob.po8.org/node/284
Sounds reasonable.
iiuc, working around this issue would require a certificate
re-negotiation, which implies an extension of HTTP 1.1.
I investigated a little and found out, what is probably going on on my side...
The entries for my local machine in my hosts file look like this:
127.0.0.1 localhost
127.0.0.1 www.mypub.dev
192.168.186.2 pc2
So the two vhosts/certificates are in fact attached to two different IP numbers
(indirectly via dns lookup)... Mystery solved. Sorry for the noise.
Thanks!
Markus Angst
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
