Dear Wiki user, You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change notification.
The "CommonMisconfigurations" page has been changed by TomChiverton: https://wiki.apache.org/httpd/CommonMisconfigurations?action=diff&rev1=12&rev2=13 Comment: Remove reference to SSL "requiring a static, non-shared IP" as it's explained earlier that for most people most of the time SSL no longer requires an IP per host. }}} See [[NameBasedSSLVHostsWithSNI]] for a detailed discussion, but in general most web browsers will work correctly with the above setup, historically Windows XP was the major operating system it would cause issues with. - When clients without SNI attempt to connect host information isn't used so Apache will always use the certificate of the default virtual host, which is the first defined virtual host for name-based virtual hosts. This means your users will get a certificate mismatch warning when trying to access some.domain2.com. Read more about this at http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#vhosts2 <<BR>>Also, note that the configuration above isn't something someone would normally use for SSL, which requires a static, non-shared IP address -- !NameVirtualHost 127.124.3.53:80 is a more likely format. However, using !NameVirtualHost *:443 is common in howtos for Debian/Ubuntu.<<BR>><<BR>> + When clients without SNI attempt to connect host information isn't used so Apache will always use the certificate of the default virtual host, which is the first defined virtual host for name-based virtual hosts. This means your users will get a certificate mismatch warning when trying to access some.domain2.com. Read more about this at http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#vhosts2 <<BR>> === Scope === ==== Adding/Restricting access and options in <Directory /> ==== --------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org For additional commands, e-mail: docs-h...@httpd.apache.org
