Re: Re: SSL virtual Hosts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



HTTPD doesn't care how many files your configuration uses. You can include as many <VirtualHost> directives in a single file as you want.
To quote from [the documentation](https://httpd.apache.org/docs/current/configuring.html):
>  In addition, other configuration files may be added using the Include directive, and wildcards can be used to include many configuration files. Any directive may be placed in any of these configuration files.

The only time you need more than one config file is if you are running more than one httpd process on a single server. You can then specify which configuration file each one should read to start up using the `-f` parameter.

- Y

On Sat, Jun 10, 2017 at 6:33 PM, Ian Pilcher <arequipeno@xxxxxxxxx> wrote:
On 06/09/2017 01:30 PM, Carlos Cruz wrote:
I hope for my first question my questions isn’t too stupid but I haven’t been able to figured out my problem. My problem is I have  about 10 virtual domains under the conf.d (Centos 6) directory with Apache HTTPD 2.2. SSL (only) virtual hosts don’t work if I used individual configuration files to define the virtual hosts. But all works as I understand it should work if I put all my SSL virtual hosts in 1 ssl.conf file in the same conf.d directory. can anyone tell me, or point me to the info, why multiple configuration files are not working for my SSL virtual hosts.

1 domain uses a wild card certificate

The other domains use basic single domain certificates.

I suspect that all domains are actually using the wildcard certificate
when you use a single file.  That's the only way that I can see this
working.

The SSL session is established *before* the client sends any HTTP
request to the server, so the server has to choose which certificate to
present to the client before it knows the hostname that the client is
using.  Thus, *named* virtual hosts don't work over SSL.  (There's an
extension called SNI that addresses this, but you didn't mention it, so
I assume that you're not using it.)

--
========================================================================
Ian Pilcher                                         arequipeno@xxxxxxxxx
-------- "I grew up before Mark Zuckerberg invented friendship" --------
========================================================================


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux