Hi,
You Apache configuration uses SNI (Server Name Indication) which is not
supported on Windows XP using IE, Safari and Chrome. The client must be
running under Windows Vista and higher in order for SNI to work.
That being said, you are saying in your message that Firefox fails to
support SNI under XP and that surprises me because it's supposed to work
starting from 2.0 and up, independently from the OS. What version of
Firefox are using under XP?
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 7/16/2010 3:31 PM, Richard Buskirk wrote:
I sent this situation off to the help team but maybe it is either that
stupid or that hard.
I have installed 2 SSL Certs on my server.
I am using a naming convention for apache configuration for each cert.
*Server:* Windows server 2008, Apache/2.2.14 (Win32) mod_ssl/2.2.14
OpenSSL/0.9.8k PHP/5.2.11
*httpd-vhost.conf*
___________________________
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile "C:\\certs\\ServerA.crt"
SSLCertificateKeyFile "C:\\certs\\ ServerA.key"
ServerName www. ServerA.com
SSLOptions StrictRequire
SSLProtocol all -SSLv2
ServerAdmin notice@ ServerA.com
DocumentRoot "C:\\Program Files (x86)\\Apache Software
Foundation\\Apache2.2\\www\\html\\ ServerA "
ErrorLog "C:\\Program Files (x86)\\Apache Software
Foundation\\Apache2.2\\logs\\ssl-access- ServerA.log"
CustomLog "logs/access-ssl-www. ServerA.com" common
</VirtualHost>
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile "C:\\certs\\ ServerB.crt"
SSLCertificateKeyFile "C:\\certs\\ ServerB.key"
ServerName www. ServerB.com
SSLOptions StrictRequire
SSLProtocol all -SSLv2
ServerAdmin notice@ ServerB.com
DocumentRoot "C:\\Program Files (x86)\\Apache Software
Foundation\\Apache2.2\\www\\html\\ ServerB "
ErrorLog "C:\\Program Files (x86)\\Apache Software
Foundation\\Apache2.2\\logs\\ssl-access- ServerB.log"
CustomLog "logs/access-ssl-www. ServerB.com" common
</VirtualHost>
Here is where my senerio goes very weird. A computer with windows 7
browses to both location and everything is perfect.
A computer with windows XP browses to the siteA no issue. But if they
go to siteB, the cert for Site A is used on SiteB’s load every time no
matter what computer they are on.
The siteB does show the proper site but the cert is the wrong cert.
This fails in Firefox, IE, Safari, Google Chrome on windows XP.
Any suggestions ?
Does this make sense what I am saying?
Richard L. Buskirk
Senior Software Developer
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org