Re: ssl and NameVirtualHost

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Rick Barnes wrote:
Tony Schreiner wrote:
I recently aquired a Verisign SSL certificate for my web server on Centos 4, with apache 2.0.59 from centosplus.

It however doesn't seem to be working the way I've set it up, browsers connect but are told the certiticate is not recognized. Showing more info, the information looks correct.

I think it has probably to do with the fact that I'm using the certificate on a virtual named host, and I wonder If any body has experience doing this? A few places in the apache documentation suggest that SSL cannot be used with name based virtual hosting, but I don't if that means, not at all, or not with multiple named hosts.

I have multiple NameVirtualHost on port 80, but will only plan to use one of the names on port 443.

The start of the section in my ssl.conf goes like this:


<VirtualHost _default_:443>
    ServerName nameprotected.domain.edu:443
    ServerAdmin me@xxxxxxxxxx
    DocumentRoot /var/www/docs/nameprotected


nameprotected.domain.edu  is a DNS CNAME to the actual host.

How do folks do SSL and virtual hosts? multiple IP addresses is not an option for me.


This is how I do it:
NameVirtualHost IP.AD.DR.ESS:443

<VirtualHost IP.AD.DR.ESS:443>
    SSLEngine On
    SSLCertificateFile path/to/domain.crt
    SSLCertificateKeyFile path/to/domain.key
    ServerName domain.tld
    ServerAdmin webmaster@xxxxxxxxxx
    DocumentRoot /path/to/webroot
    ErrorLog /path/to/logs/errors.log
    CustomLog /path/to/logs/access.log combined
</VirtualHost>

Rick
SSLCertificateChainFile /path/to/chain/chain.crt

I don't know much about the ssl stuff, I just know if I'm missing the chain file I have issues with the key not being correctly recognised.



_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux