Re: Multi site SSL problems

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 





On Fri, May 10, 2024 at 4:10 PM John <john.iliffe@xxxxxxxxx> wrote:
On Fri, 2024-05-10 at 15:48 -0400, Sean Conner wrote:
> It was thus said that the Great Chris me once stated:
> > I set up each entry with <VirtualHost *:443> but when I do that, the
> > second site will complain that the cert is for site1. So if I go to
> > site2.com, I get a browser error that the cert is for site1. It will show
> > me the content for site1.
>
>   On my development server, I have the following:
>
> <VirtualHost 192.168.1.10:443>
>       ServerName              playground.roswell.area51
>       SSLEngine               on
>       SSLCertificateFile      /home/spc/web/playground/cert.pem
>       SSLCertificateKeyFile   /home/spc/web/playground/key.pem
>       ...
> </virtualHost>
>
> <virtualHost 1932.168.1.10:443>
>       ServerName              wiki.roswell.area51
>       SSLEngine               on
>       SSLCertificateFile      /home/spc/web/wiki/cert.pem
>       SSLCertificateKeyFile   /home/spc/web/wiki/key.pem
>       ...
> </VirtualHost>
>
> > I am not sure how to do this part:
> > Do not use the 2.2 authz directives (Allow/Deny/Order) and use Require instead
> > I am running Apache 2.2, does it still apply?
> > It does not look like mod_access_compat is listed under mods-enabled
>
>   That I don't remember as I've been running Apache 2.4 for a couple of
> years now.
>
>   -spc
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
Typo in the 2nd virtual host "1932.168.1.10:"  probably should be "192.168.1.10"

John
======

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


Show the apachectl -S output, and each vhost.  Make sure that every single :443 vhost has SSLEngine on and SSLCertificateFile set. 

[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux