I have done some more digging with regards to the Client Certificate
issue I described in my previous e-mail. It looks like name-based
virtual hosting isn't working at all on my setup. I discovered that
after I changed the self-signed certificate from one of the virtual
hosts for a certificate signed by CACert.
In my setup, both virtual hosts are served with the configuration from
the first virtualhost, i.e. they both use the self-signed certificate.
I am using Apache 2.2.9 as supplied by Debian Lenny, along with
libgnutls26 2.4.2 and mod_gnutls 0.5.1 as supplied by Debian Lenny.
My configuration:
NameVirtualHost *:443
Listen 443
# First virtual host, using a self-signed certificate
<VirtualHost *:443>
DocumentRoot /home/sander/projects/odf-shots/trunk/server/www
ServerName cakephp.jejik.com:443
# SSL using GnuTLS
GnuTLSEnable On
GnuTLSPriorities PERFORMANCE:%COMPAT
GnuTLSCertificateFile /etc/apache2/ssl/selfsigned.jejik.com.cert
GnuTLSKeyFile /root/certs/selfsigned.jejik.com.key
LogLevel warn
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
ServerSignature On
</VirtualHost>
# Second virtual host using a sertificate signed by CACert.
# But, it is served with the self-signed certificate from the previous
# virtual host. That can't be right!
<VirtualHost *:443>
# SSL using GnuTLS
GnuTLSEnable On
GnuTLSCertificateFile /etc/apache2/ssl/svn.jejik.com.cert
GnuTLSKeyFile /root/certs/svn.jejik.com.key
GnuTLSPriorities PERFORMANCE:%COMPAT
ServerName svn.jejik.com:443
LogLevel warn
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
ServerSignature On
</VirtualHost>
_______________________________________________
Modules mailing list
Modules@lists.outoforder.cc
http://lists.outoforder.cc/mailman/listinfo/modules
