Ok, I get the point. Wouldn't it be possible to use DNS instead of IP?
I think it's a "nice-to-have" for one of the future releases.
Anyway, thanks for your help and patience.
Regards,
Stefan
-----Urspr�ngliche Nachricht-----
Von: Jeff [mailto:[EMAIL PROTECTED]]
Gesendet: Dienstag, 25. September 2001 16:27
An: [EMAIL PROTECTED]
Betreff: Re: mod_ssl and virtual hosts
Thats about the most common question..
http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47
Basically, only ONE SSL server on any IP/port combination.. You need
another IP or use non-standard SSL on one of the domains..
Rgds
Jeff
----- Original Message -----
From: "Peer Stefan" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, September 25, 2001 11:48 PM
Subject: mod_ssl and virtual hosts
> Hi,
>
> I've got a problem installing 2 keys for 2 different virtual hosts.
>
> I'm using apache 1.3.20/mod_ssl 2.8.3/OpenSSL 0.9.6a on a Linux system
> (Kernel 2.4.5)
> The webserver listens to several domains, 2 of them need https enabled. So
> I've created 2 more virtual hosts, which listen to port 443. I'd like to
> install 2 different certificates and therefore created 2 different server
> keys.
> If I restart apache, it only loads one key and I get an error
> (CN-missmatch), when I connect to the other virtual host.
>
> Any help is appreciated.
> Thanks in advance,
> Stefan Peer
>
> PS: relevant parts of httpd.conf:
>
> <VirtualHost a.b.c.d:443>
> ServerName www.domain1.tld
>
> SSLEngine On
> SSLCipherSuite
> ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> SSLCertificateFile /usr/local/apache/conf/ssl.crt/www.domain1.tld.crt
> SSLCertificateKeyFile
/usr/local/apache/conf/ssl.key/www.domain1.tld.key
> <Files ~ "\.(cgi|shtml|phtml|php3|php|jsp?)$">
> SSLOptions +StdEnvVars
> </Files>
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> downgrade-1.0 force-response-1.0
> CustomLog /usr/local/apache/logs/ssl_request_log "%t %h
%{SSL_PROTOCOL}x
> %{SSL_CIPHER}x \"%r\" %b"
>
> DocumentRoot /home/www/domain1/htdocs_ssl
> <Directory /home/www/domain1/htdocs_ssl>
> AllowOverride None
> Options None
> Order allow,deny
> Allow from all
> </Directory>
> ...
> </VirtualHost>
>
> <VirtualHost a.b.c.d:443>
> ServerName www.domain2.tld
>
> SSLEngine On
> SSLCipherSuite
> ALL:!ADH:!EXP56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
> SSLCertificateFile /usr/local/apache/conf/ssl.crt/www.domain2.tld.crt
> SSLCertificateKeyFile
/usr/local/apache/conf/ssl.key/www.domain2.tld.key
> <Files ~ "\.(cgi|shtml|phtml|php3|php|jsp?)$">
> SSLOptions +StdEnvVars
> </Files>
> SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
> downgrade-1.0 force-response-1.0
> CustomLog /usr/local/apache/logs/ssl_request_log "%t %h
%{SSL_PROTOCOL}x
> %{SSL_CIPHER}x \"%r\" %b"
>
> DocumentRoot /home/www/domain2/htdocs_ssl
> <Directory /home/www/domain2/htdocs_ssl>
> AllowOverride None
> Options None
> Order allow,deny
> Allow from all
> </Directory>
> ...
> </VirtualHost>
>
> ______________________________________________________________________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
