Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Httpd Wiki" for change 
notification.

The "CommonMisconfigurations" page has been changed by TomChiverton:
https://wiki.apache.org/httpd/CommonMisconfigurations?action=diff&rev1=12&rev2=13

Comment:
Remove reference to SSL "requiring a static, non-shared IP" as it's explained 
earlier that for most people most of the time SSL no longer requires an IP per 
host.

  }}}
  See [[NameBasedSSLVHostsWithSNI]] for a detailed discussion, but in general 
most web browsers will work correctly with the above setup, historically 
Windows XP was the major operating system it would cause issues with.
  
- When clients without SNI attempt to connect host information isn't used so 
Apache will always use the certificate of the default virtual host, which is 
the first defined virtual host for name-based virtual hosts. This means your 
users will get a certificate mismatch warning when trying to access 
some.domain2.com. Read more about this at 
http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#vhosts2 <<BR>>Also, note that 
the configuration above isn't something someone would normally use for SSL, 
which requires a static, non-shared IP address -- !NameVirtualHost 
127.124.3.53:80 is a more likely format. However, using !NameVirtualHost *:443 
is common in howtos for Debian/Ubuntu.<<BR>><<BR>>
+ When clients without SNI attempt to connect host information isn't used so 
Apache will always use the certificate of the default virtual host, which is 
the first defined virtual host for name-based virtual hosts. This means your 
users will get a certificate mismatch warning when trying to access 
some.domain2.com. Read more about this at 
http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html#vhosts2 <<BR>>
  
  === Scope ===
  ==== Adding/Restricting access and options in <Directory /> ====

---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscr...@httpd.apache.org
For additional commands, e-mail: docs-h...@httpd.apache.org

Reply via email to