Hoda Nadeem schrieb:
Eckard and All,
Does anybody know if there is any work around to get the following
scenario to work?
1 IP Address
2 domain names attached to the same server IP address
2 SSL virtual hosts: 1 with client authentication, 1 without client
authentication
I need to try to avoid using a second IP address for the same server.
Some folks are insisting that there must be a way to get the scenario to
work.
Hi,
maybe you should reach your goal with some mod_rewrite tricks. The
points mentioned at http://www.modssl.org/docs/2.8/ssl_faq.html#vhosts
are still valid, only one vhost per ip. You could give mod_rewrite a
try to push clients to different directories which are configured for
secure and public ssl access.
Try something like this:
ServerName www.vhost1.com
ServerAlias www.vhost2.com
SSLEngine on
SSLVerifyClient none
SSLCACertificateFile conf/ssl.crt/ca.crt
<Location /ssl/securedir>
SSLVerifyClient require
SSLVerifyDepth 1
</Location>
RewriteEngine on
#RewriteLogLevel 7
#RewriteLog logs/RewriteLog
#RewriteCond %{SERVER_NAME}
RewriteCond %{HTTP_HOST} www.vhost1.com
RewriteRule ^(/index.htm)|(/)|()$ /ssl/securedir [R,L]
RewriteCond %{HTTP_HOST} www.vhost2.com
RewriteRule ^(/index.htm)|(/)|()$ /ssl/public [R,L]
This would just be a starting switch, modify the regexp to push all
desired content into the matching secure location (see
http://www.modssl.org/docs/2.8/ssl_howto.html#ToC6). I personally did
not try this, but if this does not work maybe mod_setenvif can be used
to distinguish the different names.
Greetings from Germany,
Eckard
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager [EMAIL PROTECTED]
