On Aug 6, 2008, at 12:26 PM, Marc Dirix wrote:
Hello, I currently have 2 virtual servers in Roxen. Both using SSL. https://www.foo.com and https://www.example.com. Now I've created a SSL key file, and did a signing request for www.foo.com, which works excellent. Then I've created a signing request for www.example.com, and added the certificate to the (I don't get why) global list under ports. So now I see a list with certificates, one for www.example.com and one for www.foo.com. The problem now is, that roxen always chooses the top one certificate. So if I connect to either virtual, the top one is chosen which causes the client in one of both virtual servers to warn about not being the right certificate.
This is because the SSL works at a lower level than http. You cannot use multiple certificates on one IP address for multiple virtual servers. SSL does not know about your virtual servers as that is an http level thing.
Now It may be just me, but why is even the ssl-keyfile global, and not seperate for each virtual server? And in short term, how can I use different certificates for different virtual servers?
You need to get a special kind of certificate that lists multiple names in it (ie, 1 cert that covers example.com and foo.com).
Chad
Thanks for helping, Marc
--- Chad Leigh -- Shire.Net LLC Your Web App and Email hosting provider chad at shire.net
