On Thu, Jan 8, 2009 at 10:06 AM, Frank Gingras <francois.gingras@xxxxxxxxx> wrote: > In a scenario where you have two vhosts on *:443, apache will serve the > certificate from the first vhost for both sites, therefore generating a SSL > certificate mismatch if a client were to request content from the second > vhost, and so on. Ok, I think that clears it up for me. If, for instance, I have two sites and I want to serve both on 80 and 443, then I can set up 4 vhosts all together, a pair for each site where one in the pair listens on 80 and the other listens on 443 with SSL enabled. mod_ssl will choose the first vhost it finds on 443 and use the certificate specified there, but once the HTTP is decrypted, Apache will be able to use the Host header and port to choose the correct vhost. Is that correct? I guess my confusion was that I didn't realize the certificate is picked from one vhost, but the content could still be served from another. -Brian -- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://pgp.mit.edu/ --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx