Greg Your method failed, my other attempted methods failed, and copies of several examples found in apache docs, howtos, etc., all also failed. I finally ripped out everything, including all of the "<ifmodule>" directives relating to modssl, both setting up listen lines, and in the virtualhosts. I rewrote the vhost section as follows: port 80 ServerName atlas.placeholder.com NameVirtualHost 1.2.3.4:80 NameVirtualHost 1.2.3.4:443 <virtualhost 1.2.3.4:443> servername www.placeholder.com documentroot /var/www/placeholder.com-ssl serveradmin webmaster at placeholder.com #<ifmodule mod_ssl.c> sslengine on sslcertificatefile /etc/apache/placeholder.com.crt sslcertificatekeyfile /etc/apache/placeholder.com.key setenvif User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown #</ifmodule> </virtualhost> <VirtualHost 1.2.3.4:80> DocumentRoot /var/www/placeholder.com ServerName www.placeholder.com ServerAlias placeholder.com </VirtualHost> lynx to https://1.2.3.4 will get me a self-signed cert warning, and if I accept that, a 1.2.3.4 != cert (www.placeholder.com) warning. If I accept that, I get the proper content. If I don't, the access attempt fails. If I go to https://www.placeholder.com, however, I don't even get the cert warning (self-signed), and since lynx is set to autodeny by default, it shouldn't work at all. However, I get to the secure content, with no trouble. Additionally, this happens: atlas:/etc/apache# openssl s_client -port 443 CONNECTED(00000003) 18283:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol:s23_clnt.c:460: atlas:/etc/apache# Not quite sure what this is telling me. Any further ideas, on this slightly modified problem? Thanks for putting me on the right track with the previous. Luke
