httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yehuda Katz <>
Subject Re: [users@httpd] Re: SSL virtual Hosts
Date Sun, 11 Jun 2017 02:06:05 GMT
HTTPD doesn't care how many files your configuration uses. You can include
as many <VirtualHost> directives in a single file as you want.
To quote from [the documentation](
>  In addition, other configuration files may be added using the Include
directive, and wildcards can be used to include many configuration files.
Any directive may be placed in any of these configuration files.

The only time you need more than one config file is if you are running more
than one httpd process on a single server. You can then specify which
configuration file each one should read to start up using the `-f`

- Y

On Sat, Jun 10, 2017 at 6:33 PM, Ian Pilcher <> wrote:

> On 06/09/2017 01:30 PM, Carlos Cruz wrote:
>> I hope for my first question my questions isn’t too stupid but I haven’t
>> been able to figured out my problem. My problem is I have  about 10 virtual
>> domains under the conf.d (Centos 6) directory with Apache HTTPD 2.2. SSL
>> (only) virtual hosts don’t work if I used individual configuration files to
>> define the virtual hosts. But all works as I understand it should work if I
>> put all my SSL virtual hosts in 1 ssl.conf file in the same conf.d
>> directory. can anyone tell me, or point me to the info, why multiple
>> configuration files are not working for my SSL virtual hosts.
>> 1 domain uses a wild card certificate
>> The other domains use basic single domain certificates.
> I suspect that all domains are actually using the wildcard certificate
> when you use a single file.  That's the only way that I can see this
> working.
> The SSL session is established *before* the client sends any HTTP
> request to the server, so the server has to choose which certificate to
> present to the client before it knows the hostname that the client is
> using.  Thus, *named* virtual hosts don't work over SSL.  (There's an
> extension called SNI that addresses this, but you didn't mention it, so
> I assume that you're not using it.)
> --
> ========================================================================
> Ian Pilcher                               
> -------- "I grew up before Mark Zuckerberg invented friendship" --------
> ========================================================================
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

View raw message