Re: [users@httpd] multiple SSL certs on one server behind a NAT router

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: users@xxxxxxxxxxxxxxxx
Subject: Re: [users@httpd] multiple SSL certs on one server behind a NAT router
From: "Serge Dubrouski" <sergeyfd@xxxxxxxxx>
Date: Tue, 12 Sep 2006 12:54:21 -0500
Authentication-results: idunn.apache.osuosl.org header.from=sergeyfd@xxxxxxxxx; domainkeys=good
Authentication-results: idunn.apache.osuosl.org smtp.mail=sergeyfd@xxxxxxxxx; spf=pass
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxx
Delivered-to: apmail-httpd-users-archive@xxxxxxxxxxxxxxxx
Delivered-to: mailing list users@xxxxxxxxxxxxxxxx
In-reply-to: <6271130.post@xxxxxxxxxxxxxxx>
Mailing-list: contact users-help@xxxxxxxxxxxxxxxx; run by ezmlm
References: <6269962.post@xxxxxxxxxxxxxxx> <868cbbaa0609120951x3e17bf7doef39930b4cc9178f@xxxxxxxxxxxxxx> <6270424.post@xxxxxxxxxxxxxxx> <868cbbaa0609121017n6d4a9119mef770095c54e8629@xxxxxxxxxxxxxx> <6270684.post@xxxxxxxxxxxxxxx> <868cbbaa0609121030g4a5f373m3057df1b4fdc0c3f@xxxxxxxxxxxxxx> <6271130.post@xxxxxxxxxxxxxxx>
Reply-to: users@xxxxxxxxxxxxxxxx

That's possible. You have to have 2 VirtualHoosts in your httpd.conf
(or ssl.conf, or vhosts.conf whatever you prefer), one per each IP
(<VirtualHost IP:443>). Do not enable NameVirtualHosts for them. Place
SSLCertificateFile and SSLCertificateKeyFile directives inside your
VirtualHosts. Remove "default" section.
Then it should work.

On 9/12/06, milktoast <jgreene@xxxxxxxxxxxxxxxx> wrote:


Right,

Can I get a second IP address on the router and pass that traffic to a
second IP on the server and get it to work?



Serge Dubrouski wrote:
>
> On 9/12/06, milktoast <jgreene@xxxxxxxxxxxxxxxx> wrote:
>>
>> I am aware of this... thus my question.... how should it look to get two
>> certs on one server?
>>
>
> Look like we do not understand each other. Once more: THERE IS NO WAY
> TO HAVE 2 CERTIFICATES ON ONE SERVER WITH ONE IP ADDRESS.
> As I understand your case you have a router with one real IP address
> and want to server 2  different HTTPS sites on it having them on a
> server behind your router. There is no solution for this.
>
>>
>> If it looks like this then it will work perfect for www.foo.com but
>> won't work for bar com. User will receive an error saying that bar.com
>> uses certificate for foo.com.
>>
>> The rool is easy: one cert per one IP.
>>
>> See http://httpd.apache.org/docs/2.2/ssl/ssl_faq.html
>>
>>
>> --
>> View this message in context:
>> http://www.nabble.com/multiple-SSL-certs-on-one-server-behind-a-NAT-router-tf2260024.html#a6270684
>> Sent from the Apache HTTP Server - Users forum at Nabble.com.
>>
>>
>> ---------------------------------------------------------------------
>> The official User-To-User support forum of the Apache HTTP Server
>> Project.
>> See <URL:http://httpd.apache.org/userslist.html> for more info.
>> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
>> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>>
>>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
>    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
>
>
>

--
View this message in context: http://www.nabble.com/multiple-SSL-certs-on-one-server-behind-a-NAT-router-tf2260024.html#a6271130
Sent from the Apache HTTP Server - Users forum at Nabble.com.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

Follow-Ups:
- Re: [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: milktoast
- Re: [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: milktoast

References:
- [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: milktoast
- Re: [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: Serge Dubrouski
- Re: [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: milktoast
- Re: [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: Serge Dubrouski
- Re: [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: milktoast
- Re: [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: Serge Dubrouski
- Re: [users@httpd] multiple SSL certs on one server behind a NAT router
  - From: milktoast

Prev by Date: Re: [users@httpd] multiple SSL certs on one server behind a NAT router
Next by Date: Re: [users@httpd] multiple SSL certs on one server behind a NAT router
Previous by thread: Re: [users@httpd] multiple SSL certs on one server behind a NAT router
Next by thread: Re: [users@httpd] multiple SSL certs on one server behind a NAT router
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]