[plug] Debugging apache-ssl virtualhost certificates

bob bob at fots.org.au
Fri Dec 31 19:08:12 WST 2004


On Fri, 31 Dec 2004 06:29 pm, Bernard Blackham wrote:
> On Fri, Dec 31, 2004 at 06:21:17PM +0800, bob wrote:
> > I need some help please. I am trying to get apache-ssl to spit out
> > different ssl certs on a per virtualhost basis. I have the following
> > ditties in the config (which are  in agreement with the docs)
>
> Not possible with named Virtual Hosts (one IP, many sites).

Yep, thats what I'm trying to do... :(

> The SSL  session is initiated before the Host: header (determining which
> VirtualHost to use) is sent. Hence only a single SSL certificate can
> be used with named Virtual Hosts.
>
> You should be able to set up multiple SSL certs if doing IP-based
> virtual hosts. (Depending which IP is connected to, a different
> certificate is presented).

I only have the one IP to play with so it looks like I'm out of luck then. I 
had hoped doing a global SSLDisable for the base host and follow it with 
SSLEnable for each of the virtualhosts would have sorted that out.

> The only exception to this is if you have a wildcard cert and all
> your virtual hosts are in the same domain covered by the cert - then
> name-based hosts are fine because the same cert would be presented
> anyway.

Nope, all very different domains. ( a couple of small charitable orgs with 
little in the way of $ and completely different target audiences)

Thanks for your thoughts anyway :).

> Bernard.

-- 
Mulder: You mean there's no procedure outlined for an invisible assassin?

	"The X-Files: Unrequited"



More information about the plug mailing list