Rick Barnes wrote:
Tony Schreiner wrote:
I recently aquired a Verisign SSL certificate for my web server on
Centos 4, with apache 2.0.59 from centosplus.
It however doesn't seem to be working the way I've set it up,
browsers connect but are told the certiticate is not recognized.
Showing more info, the information looks correct.
I think it has probably to do with the fact that I'm using the
certificate on a virtual named host, and I wonder If any body has
experience doing this? A few places in the apache documentation
suggest that SSL cannot be used with name based virtual hosting, but
I don't if that means, not at all, or not with multiple named hosts.
I have multiple NameVirtualHost on port 80, but will only plan to use
one of the names on port 443.
The start of the section in my ssl.conf goes like this:
<VirtualHost _default_:443>
ServerName nameprotected.domain.edu:443
ServerAdmin me@xxxxxxxxxx
DocumentRoot /var/www/docs/nameprotected
nameprotected.domain.edu is a DNS CNAME to the actual host.
How do folks do SSL and virtual hosts? multiple IP addresses is not
an option for me.
This is how I do it:
NameVirtualHost IP.AD.DR.ESS:443
<VirtualHost IP.AD.DR.ESS:443>
SSLEngine On
SSLCertificateFile path/to/domain.crt
SSLCertificateKeyFile path/to/domain.key
ServerName domain.tld
ServerAdmin webmaster@xxxxxxxxxx
DocumentRoot /path/to/webroot
ErrorLog /path/to/logs/errors.log
CustomLog /path/to/logs/access.log combined
</VirtualHost>
Rick
SSLCertificateChainFile /path/to/chain/chain.crt
I don't know much about the ssl stuff, I just know if I'm missing the
chain file I have issues with the key not being correctly recognised.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
