Hello,I have some virtual hosts and would like to run SSL with different certificates on each. Having followed the following how-to, http://gentoo-wiki.com/HOWTO_Apache_with_Name_Based_Hosting_and_SSL and rebuilding apache with SNI support, I am having some issues in that domain2.com only returns the server.crt and not the one specified in my rule.
Here are the relevant conf files and setup: . |-- httpd.conf |-- magic |-- modules.d | |-- 00_apache_manual.conf | |-- 00_default_settings.conf | |-- 00_error_documents.conf | |-- 00_languages.conf | |-- 00_mod_autoindex.conf | |-- 00_mod_info.conf | |-- 00_mod_log_config.conf | |-- 00_mod_mime.conf | |-- 00_mod_status.conf | |-- 00_mod_userdir.conf | |-- 00_mpm.conf | |-- 10_mod_mem_cache.conf | |-- 12_mod_auth_mysql.conf | |-- 27_mod_proxy_html.conf | |-- 40_mod_ssl.conf | |-- 45_mod_dav.conf | |-- 46_mod_ldap.conf | |-- 47_mod_dav_svn.conf | |-- 70_mod_php5.conf | |-- 75_mod_perl.conf | |-- 80_mod_auth_pgsql.conf | |-- 99_mod_security.conf | |-- mod_security | `-- postinst-en.txt |-- ssl | |-- domain_one.csr | |-- domain_one.key | |-- domain_one.crt | |-- server.crt | |-- server.key | |-- domain_two.csr | |-- domain_two.key | `-- domain_two.crt `-- vhosts.d |-- 00_default_ssl_vhost.conf |-- 00_default_vhost.conf |-- domain_one.conf `-- domain_two.conf ####### #domain_one.conf <VirtualHost *:80> ServerName domain_one.com <IfModule mod_rewrite.c> RewriteEngine OnRewriteRule ^/(.*) http://domain_one.com:7080/VirtualHostBase/http/domain_one.com:80/sites/site1/VirtualHostRoot/$1 [L,P]
</IfModule> ErrorLog /var/log/apache2/domain_one_error.log <IfModule mod_log_config.c> CustomLog /var/log/apache2/domain_one_access.log combined </IfModule> RewriteLog /var/log/apache2/domain_one_rewrite_log </VirtualHost> <IfDefine SSL> <IfDefine SSL_DEFAULT_VHOST> <IfModule ssl_module> <VirtualHost *:443> SSLEngine onSSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/ssl/domain_one.crt SSLCertificateKeyFile /etc/apache2/ssl/domain_one.key ServerName domain_one.com SSLOptions StrictRequire SSLProtocol all -SSLv2 <IfModule mod_rewrite.c> RewriteEngine OnRewriteRule ^/(.*) http://domain_one.com:7080/VirtualHostBase/https/domain_one.com:443/sites/site1/VirtualHostRoot/$1 [L,P]
</IfModule> <IfModule mod_log_config.c> TransferLog /var/log/apache2/domain_one_ssl_access_log </IfModule> <IfModule mod_setenvif.c>SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0 </IfModule> <IfModule mod_log_config.c> CustomLog /var/log/apache2/domain_one_ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" </IfModule> </VirtualHost> </IfModule> </IfDefine> </IfDefine> ####### #domain_two.confis the same as domain_one, with the only difference being the entries for the RewriteRule
RewriteRule ^/(.*) http://domain_two.com:7080/VirtualHostBase/https/domain_two.com:443/sites/site2/VirtualHostRoot/$1 [L,P]
and the SSLCertificateFile /etc/apache2/ssl/domain_two.crt SSLCertificateKeyFile /etc/apache2/ssl/domain_two.key also the logs etc..Now my issue is that everything seems to work OK for domain_one.com but everytime I try to access domain_two.com I get the certificate for the machine, that is server.ctr and not domain_two.ctr.
This is not the case in domain_one.com, where the correct certificate is displayed.
Even if I put the certificate for domain_one, I get the server.crt certificate showing.
Any ideas on how to solve this problem? And how to test SNI is working? I have apache 2.2.8 Many thanks Norman%>>> "".join( [ {'*':'@','^':'.'}.get(c,None) or chr(97+(ord(c)-83)%26) for c in ",adym,*)&uzq^zqf" ] )
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx