Re: [users@httpd] multiple SSL certs on one server behind a NAT router

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



That's possible. You have to have 2 VirtualHoosts in your httpd.conf
(or ssl.conf, or vhosts.conf whatever you prefer), one per each IP
(<VirtualHost IP:443>). Do not enable NameVirtualHosts for them. Place
SSLCertificateFile and SSLCertificateKeyFile directives inside your
VirtualHosts. Remove "default" section.
Then it should work.

On 9/12/06, milktoast <jgreene@xxxxxxxxxxxxxxxx> wrote:

Right,

Can I get a second IP address on the router and pass that traffic to a
second IP on the server and get it to work?



Serge Dubrouski wrote:
>
> On 9/12/06, milktoast <jgreene@xxxxxxxxxxxxxxxx> wrote:
>>
>> I am aware of this... thus my question.... how should it look to get two
>> certs on one server?
>>
>
> Look like we do not understand each other. Once more: THERE IS NO WAY
> TO HAVE 2 CERTIFICATES ON ONE SERVER WITH ONE IP ADDRESS.
> As I understand your case you have a router with one real IP address
> and want to server 2  different HTTPS sites on it having them on a
> server behind your router. There is no solution for this.
>
>>
>> If it looks like this then it will work perfect for www.foo.com but
>> won't work for bar com. User will receive an error saying that bar.com
>> uses certificate for foo.com.
>>
>> The rool is easy: one cert per one IP.
>>
>> See http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html
>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/multiple-SSL-certs-on-one-server-behind-a-NAT-router-tf2260024.html#a6270684
>> Sent from the Apache HTTP Server - Users forum at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>>
>>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>
>

--
View this message in context: http://www.nabble.com/multiple-SSL-certs-on-one-server-behind-a-NAT-router-tf2260024.html#a6271130
Sent from the Apache HTTP Server - Users forum at Nabble.com.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx



[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux