On 6/7/07, Sebastien Roy <Apache@xxxxxxxxxxxx> wrote:
Hi folks, We are running Apache/2.2.3 (Unix) mod_ssl/2.2.3 OpenSSL/0.9.8b DAV/2 PHP/5.1.4 and everything is working perfectly except one thing and I'm sure it's a configuration problem. We have some domains that have SSL certificate and some not. My problem is very simple, what i'm doing wrong if every vhost works using https and use the same certificate. What I need is that for exemple https://www.mydomain.com works with mydomain.com certificate but that https://www.myotherdom.com is not answering 'cause the SSL is only applied to mydomain.com! Right now every vhost is answering to SSL request. The config looks like that:
You can't have one name "not answer", because apache doesn't know the name until after it has already done the SSL negotiation. (The name is carried in the HTTP Host request header which is part of the encrypted content. This is the same reason you can't do name-based virtual hosts with SSL.) You can use mod_rewrite to return forbidden errors to certain hostnames. (You can even, notwithstanding what I just wrote, use name-based virtual hosts with identical ssl configuration to capture and deny the bad names.) You will still get certificate warnings on the bad names, of course. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|