multiple ssl servers on the same box?

Thu, 02 Nov 2000 01:19:01 -0800 

Hello. (First post!)

First off, if I need to post questions about configuring Apache with mod_ssl
somewhere else, please let me know where it is. Otherwise . . .

I'm having several problems (or quandries, perhaps).

The first is: when I try to specify two virtual servers using SSL like so:

<IfDefine SSL>
    AddType application/x-x509-ca-cert    .crt
    AddType application/x-pkcs7-crl    .crl
</IfDefine>

<IfModule mod_ssl.c>
    SSLPassPhraseDialog    builtin
    SSLSessionCache    dbm:/path/to/ssl_cache
    SSLSessionCacheTimeout    300
    SSLMutex    file:/path/to/ssl_mutex
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
    SSLLog    /path/to/ssl_engine_log
    SSLLogLevel info
</IfModule>

NameVirtualHost my.ip.addy.xx

<IfDefine SSL>

# I tried <VirtualHost _default_:443> as well.
<VirtualHost my.ip.addy.xx:443>
    ServerName ssl.mydomain.com

    SSLEngine on
    SSLCertificateFile /path/to/cert
    SSLCertificateKeyFile /path/to/cert/key

    # other normal stuff here
</VirtualHost>

</IfDefine>

# other non-SSL virtual servers here

<IfDefine SSL>

<VirtualHost my.ip.addy.xx:443>
    ServerName admin.mydomain.com

    SSLEngine on
    SSLCertificateFile /path/to/cert
    SSLCertificateKeyFile /path/to/cert/key

    # other normal stuff here
</VirtualHost>

</IfDefine>

both SSL servers freak out. In particular, they cannot find CSS files and
images in the proper directories.

That being said, I was playing around with just making my
"admin.mydomain.com" server do without SSL, so I took out all the SSL stuff
from its <VirtualHost> directive; I then discovered something strange: All
my virtual servers can be accessed with the https protocol, except they
access the only server listening on port 443, 'ssl'. This is an odd
"feature" that I'd like to prevent.

What is the difference between saying:

<VirtualHost _default_:443>
and
<VirtaulHost my.ip.addy.xx:443>

??? Is this part of my problem?

Any input would be appreciated.

Dean.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to