httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Rush <david.r...@wyo.gov>
Subject Re: [users@httpd] VirtualHost and HTTPS
Date Wed, 29 Aug 2018 17:19:57 GMT
Ah, so SNI is dependent on the operating system, not the version of Apache
HTTPD installed?

I had read about SNI and understood the basics of it, but assumed that it
was a function of HTTPD version rather than older OS version.

Thanks for your help.

David

On Wed, Aug 29, 2018 at 11:00 AM, Jonathan Sélea <jonathan@selea.se> wrote:

> I am very sure that this has to do with the fact that older machines
> simply does not have support for SNI.
>
>
> On 2018-08-29 16:28, David Rush wrote:
>
>> I'm running httpd 2.4.12 on Windows Server 2003.
>>
>> We have things set up and working with http and https using the
>> primary host name (fully qualified).
>>
>> We need for a different domain (same hostname) to work with https.
>>
>> These both need to work:
>>
>> https://myhost.domain1.org - this works fine
>>
>> https://myhost.domain2.org - I can't get this to work
>>
>> I have certificates (and key files) for both domains (the first being
>> unique to the FQDN, the second being a wildcard for *.domain2.org
>> [1]).
>>
>> I have <VirtualHost *:443> blocks set up with ServerName
>> myhost.domain1.org [2] in one, and ServerName myhost.domain2.org [3]
>> in the other.  Each specifies its proper cert and key files, and
>> unique DocumentRoot locations.
>>
>> httpd.exe -S clearly indicates both VirtualHosts found, no errors (no
>> errors from httpd.exe -t, either).
>>
>> It appears that the first certificate is always being served
>> regardless of which host name is used in the browser.  Also, the 2nd
>> (domain2.org [1]) config has a different DocumentRoot, but when I tell
>> the browser to ignore the security warnings I'm being delivered
>> content from the domain1.org [4] DocumentRoot.
>>
>> Help!
>>
>> David
>>
>> E-Mail to and from me, in connection with the transaction
>> of public business, is subject to the Wyoming Public Records
>> Act and may be disclosed to third parties.
>>
>>
>> Links:
>> ------
>> [1] http://domain2.org
>> [2] http://myhost.domain1.org
>> [3] http://myhost.domain2.org
>> [4] http://domain1.org
>>
>
> --
> Jonathan Sélea
>
> PGP Key: 0x8B35B3C894B964DD
> Fingerprint: 4AF2 10DE 996B 673C 0FD8  AFA0 8B35 B3C8 94B9 64DD
> https://jonathanselea.se
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

-- 

E-Mail to and from me, in connection with the transaction 
of public 
business, is subject to the Wyoming Public Records 
Act and may be 
disclosed to third parties.

Mime
View raw message