You are trying to run two name based VHs under SSL. You cannot do this (see http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47).
The problem is that SSL encapsulates HTTP so the SSL session has to be negotiated before any HTTP traffic can be seen. But the hostname is in the HTTP request, so apache cannot decide which VH to use - so it uses the first by default. You need to use separate IPs and/or ports... Rgds, Owen Boyle >-----Original Message----- >From: Ludovic Perard [mailto:[EMAIL PROTECTED]] >Sent: Mittwoch, 20. November 2002 15:25 >To: [EMAIL PROTECTED] >Subject: SSL with multiple domains on same server > > >Hello. > > I'm trying to set up Apache with SSL on Windows 2000. > > It is working but I have some troubles with the certificates. > > If my Apache server is server.mydomain.com and I want to have two > websites with HTTPS. The SSL is well enabled and works fine. > > It is what I did : > > * openssl req -config openssl.cnf -new -out -website1.csr > > -> then I put "website1.mydomain.com" as common name > > * openssl rsa -in privkey.pem -out website1.key > > * openssl x509 -in website1.csr -out website1.cert -req >-signkey website1.key -days 365 > > -> To have a temporary signed key > > Then, I did all these operation a second time for the website2. > (with "website2.mydomain.com" as common name for the second .csr) > > At he end, I have these files : > > - website1.cert > - website1.key > - website2.cert > - website2.key > > In httpd.conf I set up both sites : > > <VirtualHost website1.mydomain.com:443> > SSLEngine On > SSLCertificateFile ssl/website1.cert > SSLCertificateKeyFile ssl/website1.key > </VirtualHost> > > <VirtualHost website2.mydomain.com:443> > SSLEngine On > SSLCertificateFile ssl/website2.cert > SSLCertificateKeyFile ssl/website2.key > </VirtualHost> > > website1 and website2 has different IP address > > And then, my problem apears. > > In my browser, I can go two both sites with SSL, but both takes the > same certificate... Why ? Is there a mismatch between name of the > server and names of the websites ? > >-- >Best regards, > Ludovic > [EMAIL PROTECTED] > > >______________________________________________________________________ >Apache Interface to OpenSSL (mod_ssl) www.modssl.org >User Support Mailing List [EMAIL PROTECTED] >Automated List Manager [EMAIL PROTECTED] > This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please notify the sender urgently and then immediately delete the message and any copies of it from your system. Please also immediately destroy any hardcopies of the message. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. The sender's company reserves the right to monitor all e-mail communications through their networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorised to state them to be the views of the sender's company. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
