From owner-freebsd-questions@FreeBSD.ORG  Wed Jan 25 08:15:16 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id D492D16A41F
	for <freebsd-questions@freebsd.org>;
	Wed, 25 Jan 2006 08:15:16 +0000 (GMT)
	(envelope-from akbeech@alaskaparadise.com)
Received: from pinnacle.akherb.com (94-37-237-24.gci.net [24.237.37.94])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 63C1B43D46
	for <freebsd-questions@freebsd.org>;
	Wed, 25 Jan 2006 08:15:15 +0000 (GMT)
	(envelope-from akbeech@alaskaparadise.com)
Received: by pinnacle.akherb.com (Postfix, from userid 1007)
	id 8DC616207; Tue, 24 Jan 2006 23:15:15 -0900 (AKST)
Received: from [192.168.2.200] (209-124-141-064.ip.arctic.net [209.124.141.64])
	by pinnacle.akherb.com (Postfix) with ESMTP id 475975DDF
	for <freebsd-questions@freebsd.org>;
	Tue, 24 Jan 2006 23:15:12 -0900 (AKST)
From: Beech Rintoul <akbeech@alaskaparadise.com>
Organization: Alaska Paradise Travel
To: freebsd-questions@freebsd.org
Date: Tue, 24 Jan 2006 23:14:55 -0900
User-Agent: KMail/1.9.1
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="nextPart1530821.kzQug3AZdv";
	protocol="application/pgp-signature"; micalg=pgp-sha1
Content-Transfer-Encoding: 7bit
Message-Id: <200601242315.09635.akbeech@alaskaparadise.com>
Subject: ssl config problem
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 25 Jan 2006 08:15:17 -0000

--nextPart1530821.kzQug3AZdv
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline

I'm trying to set up two virtual ssl websites on Apache2. When I go the the=
=20
first site, it returns the proper cert and everything works as expected. Bu=
t,=20
when I go to the second site it returns the cert from the first site even=20
though a different set of certs is specified in ssl.conf. If I comment out=
=20
the first site, the second site works correctly. I've been all through the=
=20
docs on apache.org and I can't figure out what I'm doing wrong.

Here's the ssl.conf:

SSLRandomSeed startup builtin
SSLRandomSeed connect builtin

<IfDefine SSL>

Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl =A0 =A0.crl

SSLPassPhraseDialog =A0builtin

SSLSessionCache =A0 =A0 =A0 =A0 dbm:/var/run/ssl_scache
SSLSessionCacheTimeout =A0300

SSLMutex =A0file:/var/run/ssl_mutex

###################################################

NameVirtualHost *:443

<VirtualHost *:443>
DocumentRoot "/usr/local/www/secure/alaskaparadise"
ServerName secure.alaskaparadise.com
ServerAdmin akbeech@alaskaparadise.com
ErrorLog /usr/home/akparadise/log/secure-error.log
TransferLog /usr/home/akparadise/log/secure-access.log

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:
+eNULL
SSLCertificateFile /usr/local/etc/apache2/ssl.crt/secure.alaskaparadise.com=
=2Ecrt
SSLCertificateKeyFile /usr/local/etc/apache2/ssl.key/secure.alaskaparadise.=
com.key

<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
=A0 =A0 SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/www/cgi-bin">
=A0 =A0 SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
=A0 =A0 =A0 =A0 =A0nokeepalive ssl-unclean-shutdown \
=A0 =A0 =A0 =A0 =A0downgrade-1.0 force-response-1.0

CustomLog /var/log/httpd-ssl_request.log \
=A0 =A0 =A0 =A0 =A0 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>

<VirtualHost *:443>
DocumentRoot "/usr/local/www/secure/akherb"
ServerName secure.akherb.com
ServerAdmin akherb@akherb.com
ErrorLog /usr/home/akherb/log/secure-error.log
TransferLog /usr/home/akherb/log/secure-access.log

SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:
+eNULL
SSLCertificateFile /usr/local/etc/apache2/ssl.crt/secure.akherb.com.crt
SSLCertificateKeyFile /usr/local/etc/apache2/ssl.key/secure.akherb.com.key

<FilesMatch "\.(cgi|shtml|phtml|php3?)$">
=A0 =A0 SSLOptions +StdEnvVars
</FilesMatch>
<Directory "/usr/local/www/cgi-bin">
=A0 =A0 SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
=A0 =A0 =A0 =A0 =A0nokeepalive ssl-unclean-shutdown \
=A0 =A0 =A0 =A0 =A0downgrade-1.0 force-response-1.0

CustomLog /var/log/httpd-ssl_request.log \
=A0 =A0 =A0 =A0 =A0 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

</IfDefine>

Any help would be appreciated,

Beech
=2D-=20

=2D------------------------------------------------------------------------=
=2D-------------
Beech Rintoul - Sys. Administrator - akbeech@alaskaparadise.com
/"\   ASCII Ribbon Campaign  | Alaska Paradise Travel
\ / - NO HTML/RTF in e-mail  | 201 East 9Th Avenue Ste.310
 X  - NO Word docs in e-mail | Anchorage, AK 99501
/ \  - Please visit Alaska Paradise - http://www.alaskaparadise.com
=2D------------------------------------------------------------------------=
=2D-------------












--nextPart1530821.kzQug3AZdv
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQBD1zON1HPO4IQJSE0RAkBbAJ94ShJV56ujpKxOypCQih4DTDmH+wCfSiPi
lxabO+t6PbfLGX+xcjTVfy0=
=qjIh
-----END PGP SIGNATURE-----

--nextPart1530821.kzQug3AZdv--