httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Peter Thomassen <thomas...@a4a.de>
Subject [users@httpd] Unexpected extra certificate
Date Thu, 23 Mar 2017 13:09:11 GMT
Hi,

Using Apache 2.4.10 on Ubuntu, I configured a bunch of virtual hosts
with SSL, plus an extra virtual host before them, to catch requests for
hostnames that are not otherwise defined.

When responding to a request to one of the regular virtual hosts, it
turns out that Apache sends the correct certificate, plus the one from
the default vhost. You can see this behavior in

	https://www.ssllabs.com/ssltest/analyze.html?d=web.a4a.de&s=2a01%3a4f8%3a10a%3a1d5c%3a8000%3a0%3a0%3a7&latest

... where there are two certificates, one from Let's Encrypt for
web.a4a.de / www.web.a4a.de, and the other self-signed for * (this is
the default vhost's certificate).

There are no certificate-related directives outside the VirtualHost
blocks. It somehow seems like the SSL configuration from the default
vhost leaks into the others, which seems very strange to me.

I was unable to find a way to serve only the appropriate certificate. Do
you have any ideas?

Thanks,
Peter

-- 
a4a GmbH

web: https://www.a4a.de/
e-mail: info@a4a.de

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message