Hi,
I am setting up https://keyserver.zap.org.au/ to be used by
hkps.pool.sks-keyservers.net. I am trying to serve different SSL
certificates depending on the incoming hostname. Does anyone know
if this is possible within the SAME VirtualHost configuration block
under Apache?
My current configuration includes:
<VirtualHost *:11372 *:443>
ServerAdmin [email protected]
ServerName keyserver.zap.org.au
ServerAlias *.sks-keyservers.net
SSLEngine on
# Only allow secure ciphers and protocols: SSLv3 and TLSv1
SSLCipherSuite HIGH:MEDIUM:!ADH
SSLProtocol all -SSLv2
SSLCertificateFile /etc/ssl/certs/keyserver.pem
SSLCertificateKeyFile /etc/ssl/private/keyserver.pem
SSLCACertificateFile /etc/ssl/certs/ZAP_Group_CA_Root.pem
<Proxy *>
Order allow,deny
Allow from all
</Proxy>
ProxyPass / http://127.0.0.1:11371/
ProxyPassReverse / http://127.0.0.1:11371/
ProxyVia On
SetEnv proxy-nokeepalive 1
...
</VirtualHost>
I know I can create a second VirtualHost block with
SSLCertificateFile, SSLCertificateKeyFile and SSLCACertificateFile
pointing to the sks-keyservers.net-generated certificates, but is it
possible to do this within the SAME VirtualHost block, based on
environment variables, etc.?
Yours truly,
John Zaitseff
--
John Zaitseff ,--_|\ The ZAP Group
Phone: +61 2 9643 7737 / \ Sydney, Australia
E-mail: [email protected] \_,--._* http://www.zap.org.au/
v
_______________________________________________
Sks-devel mailing list
[email protected]
https://lists.nongnu.org/mailman/listinfo/sks-devel
