RE: Virtual SSL on one IP?

Hi,

I would like to say this differently:
Indeed, there is no way to use NAME BASED virtual hosts on the same IP /
Port with different SSL certificates.
However, it is possible to use IP BASED virtual hosts with different SSL
certificates => they will have to be on different IPs or different
ports.

Also, something that is never said, probably because it's not officially
supported: it is possible to use "dirty" name based virtual hosts with
the _SAME_ SSL certificate (at least with Apache 2.0).

As said previously, the server name is also encrypted. But it seems like
Apache uses the first SSL certificate it finds (the first
SSLCertificateFile directive), whatever the servername. Once the SSL
handshake has been done, name based virtual hosts work just like with
non-SSL vhosts. Obviously, this will only work with "wildcard"
certificates. You'll have to share the same "*.mydomain.com" certificate
for all your "servername1.mydomain.com", "servername2.mydomain.com"
dirty name based virtual hosts.
If you want to use this alternative, I suggest including a .conf file in
each of your <VirtualHost> directives. This .conf file will contain only
the SSLCertificateFile directive to show that all your virtual hosts use the
same file and that you can't change one without affecting the others...

So, in a word, you can use name based virtual hosts with a wildcard SSL
certificate, all the "non-SSL" directives will work as expected on your
virtual hosts.

This is not a very clean alternative, but that can prove very useful
when you don't have plenty of IPs...

Olivier

Olivier CHIROUZE
I&0 Infrastructure
Volvo Information Technology
 

> -----Original Message-----
> From: Gonzalez, Miguel [mailto:miguel.gonzalez@xxxxxxxxxxxxx] 
> Sent: 27 February 2007 18:27
> To: users@xxxxxxxxxxxxxxxx
> Subject: RE:  Virtual SSL on one IP?
> 
> There is no way to use virtual host on the same secure port, you will
> need to use different ports. It is a question that the servername is
> also encrypted so there is no way to use virtualhosting
> 
> Miguel
> 
> > -----Original Message-----
> > From: Marc Perkel [mailto:marc@xxxxxxxxxx]
> > Sent: Tuesday, February 27, 2007 12:25 PM
> > To: users@xxxxxxxxxxxxxxxx
> > Subject:  Virtual SSL on one IP?
> > 
> > Is there a way to run multiple virtual sites on one IP using different
> > certificates? Apache 2.2
> > 
> > 
> ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
> > Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> >    "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
> > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> 
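
An added example, not part of the original message or of Apache itself: because every name-based vhost on the port ends up presenting the same certificate, this Python check lists the ServerNames that the shared wildcard name does not cover. The config text, the include path and the third host name are constructed, and it assumes bare host names in ServerName and a wildcard that stands for exactly one left-most label.

```python
import re

# Constructed sample of the layout described above. The include path is a
# placeholder for the shared file holding the SSLCertificateFile line.
SAMPLE_CONF = """
NameVirtualHost *:443
<VirtualHost *:443>
    ServerName servername1.mydomain.com
    Include conf/ssl-shared.conf
</VirtualHost>
<VirtualHost *:443>
    ServerName servername2.mydomain.com
    Include conf/ssl-shared.conf
</VirtualHost>
<VirtualHost *:443>
    ServerName shop.otherdomain.com
    Include conf/ssl-shared.conf
</VirtualHost>
"""

def wildcard_covers(pattern, host):
    """True if a certificate name such as '*.mydomain.com' covers host.
    Assumption: '*' stands for exactly one left-most DNS label."""
    p = pattern.lower().split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False          # apex or deeper sub-domain: not covered
    if p[0] == "*":
        return bool(h[0]) and p[1:] == h[1:]
    return p == h

def ssl_vhost_names(conf, port="443"):
    """Yield the ServerName of every <VirtualHost ...:port> block."""
    block = re.compile(r"<VirtualHost\s+([^>]*)>(.*?)</VirtualHost>", re.S | re.I)
    for addr, body in block.findall(conf):
        if not any(a.endswith(":" + port) for a in addr.split()):
            continue
        m = re.search(r"^\s*ServerName\s+(\S+)", body, re.M | re.I)
        if m:
            yield m.group(1)

def uncovered_vhosts(conf, cert_name):
    """ServerNames for which clients would get a certificate name mismatch."""
    return [n for n in ssl_vhost_names(conf) if not wildcard_covers(cert_name, n)]

if __name__ == "__main__":
    print(uncovered_vhosts(SAMPLE_CONF, "*.mydomain.com"))
```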
