I was looking at the passphrase code yesterday, so I think I know the answer
to this one:
You will need to set the passphrase for each server key to be identical, and
that way all certs can be decrypted with the same passphrase.
cheers
Kirk
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Bal�zs Nagy
> Sent: Thursday, April 27, 2000 5:36 PM
> To: [EMAIL PROTECTED]
> Subject: Multiple server keys / certificates don't work.
>
>
> Hi,
>
> I'm using Red Hat Secure Server 3.2 (mod_ssl/2.2.8)
> I read the docs and the FAQ. It clearly says that 2.2 can handle multiple
> key/cert combinations.
>
> So I made for each csr a separate key. However, it appears, that
> as soon as I
> try to have a second key/crt in a VHost, it asks only for the
> passkey of the
> last VHost, and fails anyway. (FYI, if I put two VHosts with the
> same key/crt,
> both work - except for the fact that one of the sites has the wrong cert.)
>
> I know that my server works fine since all the key/crt combos do work
> individually. (By commenting out all VHosts except one.)
>
> Here are the VHosts:
> --------------------------------------------
> NameVirtualHost xxx.xxx.xxx.xxx:443
> #
> <VirtualHost xxx.xxx.xxx.xxx:443>
> ServerName www.domain1.com
> ServerAdmin admin
> DocumentRoot /home/sites/sitex/web
> TransferLog /var/log/httpd/access_log-ssl
> SSLEngine on
> SSLCertificateFile /etc/httpd/conf/ssl.crt/www-domain1-com.crt
> SSLCertificateKeyFile /etc/httpd/conf/ssl.key/www-domain1-com.key
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> CustomLog /var/log/httpd/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> AddHandler cgi-wrapper .cgi
> AddHandler cgi-wrapper .pl
> AddHandler server-parsed .shtml
> AddType text/html .shtml
> </VirtualHost>
>
> NameVirtualHost xxx.xxx.xxx.xxy:443
> #
> <VirtualHost xxx.xxx.xxx.xxy:443>
> ServerName www.domain2.com
> ServerAdmin admin2
> DocumentRoot /home/sites/sitey/web
> SSLEngine on
> SSLCertificateFile /etc/httpd/conf/ssl.crt/www-domain2-com.crt
> SSLCertificateKeyFile /etc/httpd/conf/ssl.key/www-domain2-com.key
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> CustomLog /var/log/httpd/ssl_request_log-boothdance \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
> AddHandler cgi-wrapper .cgi
> AddHandler cgi-wrapper .pl
> AddHandler server-parsed .shtml
> AddType text/html .shtml
> </VirtualHost>
>
> Thanks for your help!
>
> Cheers,
> Bal�zs
>
> ------------------------------------------------------------
> Get your high-end web space with http://www.thenewpush.com/
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
