[ale] Multiple virt https hosts under Apache/mod_ssl

Jim Popovitch jimpop at rocketship.com
Thu Jan 2 08:58:45 EST 2003


I think the problem/limit is within Apache and mod_ssl.  I don't think
Apache can load more than one instance of mod_ssl, and mod_ssl only supports
one set of certs at a time.  Someone please let me know if you know
otherwise as I am looking to avoid having 7 separate Apache installations on
one box.  ;)

-Jim P.

> -----Original Message-----
> From: ale-admin at ale.org [mailto:ale-admin at ale.org]On Behalf Of cfowler
> Sent: Thursday, January 02, 2003 8:30 AM
> To: ale at ale.org
> Subject: Re: [ale] Multiple virt https hosts under Apache/mod_ssl
>
>
> Would using IP Aliasing work in this case?
>
>
>
>
> On Thu, 2003-01-02 at 08:08, Jerry Swann wrote:
> > ed, Jan 01, 2003 at 12:01:51PM -0500
> >
> > On Wed, Jan 01, 2003 at 12:01:51PM -0500, Chuck Huber wrote:
> > > The objective is to setup multiple virtual hosts, each with its own
> > > x503 certificate.
> > >
> > > The problem is that when more than one virtual host is configured,
> > > the first certificate in the configuration is served regardless of
> > > which virtual host is contacted.
> > >
> > > Here's a summary of what I have in a file included in httpd.conf:
> > >
> > >     ...
> > >     NameVirtualHost 192.168.1.1:443
> > >
> > >     <VirtualHost 192.168.1.1:443>
> > >         ServerName          dev.mydomain.com
> > >     <VirtualHost 192.168.1.1:443>
> > >         ServerName          www.mydomain.com
> > >
> >
> > Since ssl is negotiated before any data transfers from host to host,
> > by the time the 'Hostname:' setting gets transferred to the web host
> > the ssl negotiation is already done and gone.
> >
> > SSL virtual hosts using the same ip address just don't work.  You have
> > to bind different ip addresses to different ssl certs.
> >
> > --
> > There are only 10 types of people in the world:
> >                             Those who understand binary, and
> those who don't
> >
> > Jerry Swann       "Jerry dot Swann at oit dot gatech dot edu"
> > Georgia Institute of Technology
> > Office Phone: 404 894-1659
> > Office Fax:   404 894-9548
> > already done and gone.
> >
> > SSL virtual hosts using the same ip address just don't work.  You have
> > to bind different ip addresses to different ssl certs.
> >
> > --
> > There are only 10 types of people in the world:
> >                             Those who understand binary, and
> those who don't
> >
> > Jerry Swann       "Jerry dot Swann at oit dot gatech dot edu"
> > Georgia Institute of Technology
> > Office Phone: 404 894-1659
> > Office Fax:   404 894-9548
> > _______________________________________________
> > Ale mailing list
> > Ale at ale.org
> > http://www.ale.org/mailman/listinfo/ale
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
>


_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale






More information about the Ale mailing list