Does anyone else think that this is wrong? SSLCertificateFile /etc/apache2/ssl/certs/sitename.com.crt SSLCertificateKeyFile /etc/apache2/ssl/keys/sitename.com.key >> SSLCACertificateFile /etc/apache2/ssl/root/sitename.com.crt It looks like you're telling it that the Certificate Authority is the same file as the Certificate itself. I could be wrong tho. As regards to the VHost defs: it depends what you've got in front of the server in the way of DNS or loadbalancers. Your domain name can only resolve to point at one IP address (unless you're using load balancers or proxies etc etc). So any request for the SSL port of demo.sitename.com is going to arrive at the same IP as the port 80 connection. http://demo.sitename.com > IP1 https://demo.sitename.com > Still IP1 (Have you set "NameVirtualHost" or not?) Dave Henderson wrote: > I am wondering if the virtual host definitions are wrong. Can I do the > following (even though the ServerName options have the same value)? Can > I use the IP addresses like I have done below? > > > <VirtualHost 192.168.0.12:80> > ServerAdmin webmaster@xxxxxxxxxxxx > ServerName demo.sitename.com > DocumentRoot /var/www/sitename.com/demo > > # This should be changed to whatever you set DocumentRoot to. > <Directory /var/www/sitename.com/demo> > Options Indexes Includes > AllowOverride Options > Order allow,deny > Allow from all > </Directory> > ErrorLog /var/log/apache2/sitename.com/demo/error.log > CustomLog /var/log/apache2/sitename.com/demo/access.log common > CustomLog /var/log/apache2/sitename.com/demo/referer.log referer > CustomLog /var/log/apache2/sitename.com/demo/agent.log agent > > # Possible values: debug, info, notice, warn, error, crit, > alert, emerg. > LogLevel warn > > ServerSignature On > </VirtualHost> > > > <VirtualHost 192.168.0.13:443> > ServerAdmin webmaster@xxxxxxxxxxxx > ServerName demo.sitename.com > DocumentRoot /var/www/sitename.com/demo/ssl > > # SSL specifications > SSLEngine On > SSLCertificateFile /etc/apache2/ssl/certs/sitename.com.crt > SSLCertificateKeyFile /etc/apache2/ssl/keys/sitename.com.key > SSLCACertificateFile /etc/apache2/ssl/root/sitename.com.crt > SSLCipherSuite SSLv2:+HIGH:+MEDIUM > SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown > > # SSLVerifyClient require > # SSLVerifyDepth 1 > # CustomLog /var/log/apache2/ssl \ "%t %h %{SSL_PROTOCOL}x > %{SSL_CIPHER}x$ > # <Location /ssl> > # SSLCipherSuite SSLv2:+HIGH:+MEDIUM > # SSLVerifyClient require > # SSLVerifyDepth 1 > # </Location> > > # This should be changed to whatever you set DocumentRoot to. > <Directory /var/www/sitename.com/demo/ssl> > Options Indexes Includes > AllowOverride Options > Order allow,deny > Allow from all > </Directory> > ErrorLog /var/log/apache2/sitename.com/demo/error.log > CustomLog /var/log/apache2/sitename.com/demo/access.log common > CustomLog /var/log/apache2/sitename.com/demo/referer.log referer > CustomLog /var/log/apache2/sitename.com/demo/agent.log agent > > # Possible values: debug, info, notice, warn, error, crit, > alert, emerg. > LogLevel warn > > ServerSignature On > </VirtualHost> > --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx