httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Laszlo Nagy <gand...@designaproduct.biz>
Subject [users@httpd] NameVirtualHost + SSL certificate problem
Date Thu, 19 Oct 2006 11:44:11 GMT

  Hello All,

I have a little problem with my Apache. Here is the software version:

#apachectl -v
Server version: Apache/2.0.59
Server built:   Oct  4 2006 08:32:33
#uname -a
FreeBSD designaproduct.biz 6.1-RELEASE-p6 FreeBSD 6.1-RELEASE-p6 #2: Thu 
Sep  7 07:13:22 EDT 2006     
gandalf@designaproduct.biz:/usr/obj/usr/src/sys/DESIGNAPRODUCT  i386


Here are some important lines from my httpd.conf:

Listen 80
Listen 443
Listen 444

This is from ssl.conf (included from httpd.conf):

SSLCertificateFile /usr/local/certs/designaproduct_biz.crt
SSLCertificateKeyFile /usr/local/certs/designaproduct_biz.key.pem
SSLCACertificateFile /usr/local/certs/DigiCertCA.crt

I need to serve many domains (designasign.biz, designateeshirt.biz, 
shopzeus.com, mess.hu etc.) I only have one IP address, so I'm using 
name based virtual hosts. However, I also need to do secure payments on 
two sites. I did a trick:


<VirtualHost *:444>
    ServerName designasign.biz
    ServerAlias www.designasign.biz
    DocumentRoot /www/designasign.biz/
    SSLEngine On
    <Location />
        Order Allow,Deny
        Allow from All
        Options Indexes
        AllowOverride None
    </Location>
</VirtualHost>

<VirtualHost *:443>
  ServerName shopzeus.com
  ServerAlias www.shopzeus.com
    DocumentRoot /www/shopzeus.com/

  SSLEngine On
  SSLCertificateFile /www/certs/www.shopzeus.com.crt
  SSLCertificateKeyFile /www/certs/shopzeus.com.key.pem
  SSLCertificateChainFile /www/certs/sf_issuing.crt
  SSLCACertificateFile /www/certs/sf_issuing.crt

  <Location />
     Order allow,deny
     Allow from all
  </Location>
</VirtualHost>


So in theory, HTTPS requests to port 444 use the default certificate 
(which belongs to designasign.biz) and HTTPS requests to port 443 use 
the www.shopzeus.com.crt certificate (which belongs to www.shopzeus.com).

Everything seems fine, except that apache uses the default certificate 
for both sites. (You can test it, just go to https://www.shopzeus.com .) 
Is this a limitation in Apache? If not, what is wrong with my 
configuration? (I cannot find any error messages or warnings in the logs.)

Thanks,

   Laszlo


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message