On Fri, Nov 13, 2009 at 7:58 PM, Randy Paries <rtparies@xxxxxxxxx> wrote: > On Fri, Nov 13, 2009 at 12:26 PM, Krist van Besien > <krist.vanbesien@xxxxxxxxx> wrote: >> On Fri, Nov 13, 2009 at 6:14 PM, Randy Paries <rtparies@xxxxxxxxx> wrote: >>> also i have this in my httpd >>> NameVirtualHost 216.186.190.101:80 >>> NameVirtualHost 216.186.190.106:80 >>> NameVirtualHost 216.186.190.101:443 >> >> You probably don't need these. >> >> I asume you have your one SSL host on 216.186.190.101 and another on >> 216.186.190.106 ? >> >> Krist >> > > so i tried to re-issue my cert so the file names are a little different. > > so here is where i am now > > two domains: > 1) unitfaces.com is supposed to have the real cert > 2)yumasnowbirds.com is suppose to have the self signed cert > > <VirtualHost 216.186.190.101:443> > ServerAdmin webmaster@xxxxxxxxxxxx > DocumentRoot /home/unitfaces/ > > ServerName www.unitfaces.com > ServerAlias unitfaces.com > > ErrorLog logs/unitfacesSSL.com-error_log > CustomLog logs/unitfacesSSL.com-access_log combined > > SSLEngine on > SSLCertificateFile /etc/httpd/conf/ssl.crt/www.unitfaces.com.crt > SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.calgary.key > > </VirtualHost> > > <VirtualHost 216.186.190.106:443> > ServerAdmin webmaster@xxxxxxxxxxxx > DocumentRoot /home/yumasnowbirds/ > > ServerName www.yumasnowbirds.com > ServerAlias yumasnowbirds.com > > ErrorLog logs/yumasnowbirdsSSL.com-error_log > CustomLog logs/yumasnowbirdsSSL.com-access_log combined > > SSLEngine on > SSLCertificateFile /etc/httpd/conf/ssl.crt/www.yumasnowbirds.com.crt > SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.calgary.key > > </VirtualHost> That looks all OK to me. > > here is some more info > if i do > #openssl s_client -connect www.unitfaces.com:443 -showcerts > i see (btw , i have no idea where it is getting this info??) > CONNECTED(00000003) > depth=0 /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=localhost.localdomain/emailAddress=root@xxxxxxxxxxxxxxxxxxxxx > verify error:num=18:self signed certificate > verify return:1 > depth=0 /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit/CN=localhost.localdomain/emailAddress=root@xxxxxxxxxxxxxxxxxxxxx > verify return:1 This is all info from the certificate. It appears that unitfaces.com has a self signed certificate. You can verify this with: openssl x509 -in /etc/httpd/conf/ssl.crt/www.unitfaces.com.crt -text (dot this on your sever...) I think that some of your assumption about what's in www.unitfces.com.crt might be wrong... Krist -- krist.vanbesien@xxxxxxxxx krist@xxxxxxxxxxxxx Bremgarten b. Bern, Switzerland -- A: It reverses the normal flow of conversation. Q: What's wrong with top-posting? A: Top-posting. Q: What's the biggest scourge on plain text email discussions? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|