Re: [users@httpd] multiple SSL certs on one server behind a NAT router

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



How should this look? 

Here the virtual part of my httpd.conf


<VirtualHost _default_:443>

DocumentRoot /home/htdocs/foo
ServerName www.foo.com
ServerAdmin webmaster@xxxxxxx
ErrorLog /usr/local/apache/logs/error_log
TransferLog /usr/local/apache/logs/access_log
# Block TRACE/TRACK XSS vector
RewriteEngine On
RewriteCond %{REQUEST_METHOD} ^TRACE
RewriteRule .* - [F]

<LocationMatch "^/">
</LocationMatch>

SSLEngine on
SSLCipherSuite
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/ssl.https/www.foo.com.crt
SSLCertificateKeyFile /etc/ssl.https/www.foo.com.key

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
    SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
         nokeepalive ssl-unclean-shutdown \
         downgrade-1.0 force-response-1.0

CustomLog /usr/local/apache/logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"


NameVirtualHost 192.168.2.10

</VirtualHost>
 <VirtualHost 192.168.2.10>
    ServerName www.foo.com
    ServerAlias foo.com www.foo.com
    DocumentRoot /home/htdocs/foo
    ErrorLog /usr/local/apache/logs/error_log
    </VirtualHost>

<VirtualHost 192.168.2.10>
   ServerName www.bar.com
   ServerAlias bar.com www.bar.com
   DocumentRoot /home/htdocs/bar
   ErrorLog /usr/local/apache/logs/error_log
   </VirtualHost>





Serge Dubrouski wrote:
> 
> If both server share one IP using NameVirtualHost feature then there
> is no way to have different certificates for them.
> 
> On 9/12/06, milktoast <jgreene@xxxxxxxxxxxxxxxx> wrote:
> 
> 

-- 
View this message in context: http://www.nabble.com/multiple-SSL-certs-on-one-server-behind-a-NAT-router-tf2260024.html#a6270424
Sent from the Apache HTTP Server - Users forum at Nabble.com.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux