Any advice for this :
https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI ?
regards
Le 07/05/2015 09:11, mialinglist a
écrit :
Additionnally,
I found an option in my ssl.conf :
Header always set Strict-Transport-Security
"max-age=63072000; includeSubDomains"
It could probably be the origin of the problem because HTTP
STS is the message the browser is sending to me when trying to
reach them with the main domain.tld
Le 07/05/2015 08:52, mialinglist a
écrit :
Hi everyone,
I write to the community because I'm loosing my hairs on SSL
conf and multi VHost. Here is the context.
I'm working on CentOS 6.6 an apache 2.2.
I have multiples httpS VHosts :
* domain.tld
* sub0.domain.tld
* sub1.domain.tld
* sub2.domain.tld
Each of those vhost were working with a self signd
certificate. Running all of those site through web browser
cause no special problem once the exception has been added in
the browser.
Recently I decided to add a true signed certificate for the
domain.tld. It's a guenine mono domain certificate and Global
sugn gave me 2 certificates, the main on and the intermediate
one.
I've setted up the VHosts successfully and whatever the
browser the site is correctly recognized....UNTIL... I strat
browsing all ather vhosts that are subdomain of the main one.
All the website are no more trusted at all and impossible to
force the exception on the SSL.
Once I reste the self cigned certificate on the vhost
domain.tld, clear cache and delete certificates exceptions
everything works fine.
I don't see something special in logs, Itried with or without
Selinux, mod_security, etc...
Any tips/advice would be appreciated.
regards
|