From owner-freebsd-isp Wed Dec 6 18:20: 6 2000 From owner-freebsd-isp@FreeBSD.ORG Wed Dec 6 18:20:03 2000 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from java.dpcsys.com (java.dpcsys.com [206.16.184.7]) by hub.freebsd.org (Postfix) with ESMTP id 65DFC37B400 for ; Wed, 6 Dec 2000 18:20:03 -0800 (PST) Received: from localhost (dan@localhost) by java.dpcsys.com (8.10.0.Beta12/8.10.0.Beta12) with SMTP id eB72KTV28691; Wed, 6 Dec 2000 18:20:29 -0800 (PST) Date: Wed, 6 Dec 2000 18:20:29 -0800 (PST) From: Dan Busarow To: Ryan Thompson Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Annoying problem with apache-modssl certs In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Wed, 6 Dec 2000, Ryan Thompson wrote: > Hey all... Hope someone has seen this before... > > I've got an apache-modssl server (apache 1.3.9, mod-ssl 2.4.9, openssl > 0.9.4) running under FreeBSB 3.4. > > A default entry is configured, using "server.crt" and "server.key", on a > default server name. > > www.virtual1.tld > I successfully added one virtual host, "virtual1.crt" / "virtual2.key". > (Yes, I use a better naming convention than this :-) Actually, that site > has been up for a while. > > www.virtual2.tld > Now, on the same server, I desired to add another virtual host. So, after > generating the key, csr, and obtaining signed .crt (Thawte), as I have > always done, and adding another virtual host entry on the same IP/port 443 > in httpd.conf, and restarting the secure server, the following happens: HTTPS does not support name based virtual hosts. You need to use unique IP addresses for each virtual when doing HTTPS. Nothing to do with Apache, mod_ssl or the ports. Dan -- Dan Busarow 949 443 4172 Dana Point Communications, Inc. dan@dpcsys.com Dana Point, California 83 09 EF 59 E0 11 89 B4 8D 09 DB FD E1 DD 0C 82 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message