From owner-freebsd-stable@FreeBSD.ORG Thu Jul 28 10:52:03 2005 Return-Path: X-Original-To: freebsd-stable@FreeBSD.ORG Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5EA2716A41F for ; Thu, 28 Jul 2005 10:52:03 +0000 (GMT) (envelope-from uzi@bmby.com) Received: from dev.bmby.co.il (l192-114-46-204.broadband.actcom.net.il [192.114.46.204]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1713643D46 for ; Thu, 28 Jul 2005 10:52:01 +0000 (GMT) (envelope-from uzi@bmby.com) Received: from [192.168.0.2] ([192.168.0.2]) by dev.bmby.co.il (8.12.9/8.12.9) with ESMTP id j6SAq8PS019304 for ; Thu, 28 Jul 2005 13:52:08 +0300 Message-ID: <42E8C6B3.8010002@bmby.com> Date: Thu, 28 Jul 2005 13:51:15 +0200 From: Uzi Klein Organization: B.M.B.Y Software Systems Ltd. User-Agent: Mozilla Thunderbird 1.0.5 (Windows/20050711) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-stable@FreeBSD.ORG References: <200507281044.j6SAiIIx044768@lurza.secnetix.de> In-Reply-To: <200507281044.j6SAiIIx044768@lurza.secnetix.de> Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=sha1; boundary="------------ms070202040100050600070006" Cc: Subject: Re: Apache2 just listening to https? X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Jul 2005 10:52:03 -0000 This is a cryptographically signed message in MIME format. --------------ms070202040100050600070006 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Oliver Fromme wrote: > Uzi Klein wrote: > > Eirik Øverby wrote: > > > On Jul 28, 2005, at 10:01 AM, Roger Grosswiler wrote: > > > > > > > > ServerName freebsd.domain.net > > > > ServerAlias freebsd.domain.net > > > > DocumentRoot /usr/local/www/data > > > > > > > > > > Make sure you are not enabling SSL globally, but for each vhost > > > individually. > > > > Actually, SSL can not be configured per name vhost. (or at least can not > > work) > > Because SSL handshake is used before http headers, it just can't be done. > > You can configure SSL perfectly fine per virtual host, > provided that they have separate addresses. You can > even use SSL for virtual hosts that share an address, > if they listen on different ports (in this case you > can use redirects for convenience, so users don't have > to type the port numbers). > > It's correct that SSL doesn't work for pure name-based > virtual hosts (not using "special tricks"), but nobody > was talking about that. > note the *name vhost* and the user's conf. -Uzi > > > Try the telnet trick mentioned by others, but simply type "GET / HTTP/ > > > 1.0" > > Actually, twice is sufficient. :-) > > Best regards > Oliver > --------------ms070202040100050600070006 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIHzTCC AkEwggGqoAMCAQICAw8T9jANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDUwNzA1MTUwNTQ3WhcNMDYwNzA1MTUwNTQ3 WjA+MR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMRswGQYJKoZIhvcNAQkBFgx1 emlAYm1ieS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM/hjHCQv3zDBkfXTm8o k6hGvfoKzjQJUEgDBgrzd8PNmYvp4uYCPDaisap1a9paS0Tc32YN+HASs7BsKBjfvtLSKa0m 1aERkUCrxTDFiC8QDgXJ3b+V2MPcrulkKsZ0+kQM3/kLCAEhYJ5bhX0vHFBsCrDgH0fx4rkd E4MSLJHnAgMBAAGjKTAnMBcGA1UdEQQQMA6BDHV6aUBibWJ5LmNvbTAMBgNVHRMBAf8EAjAA MA0GCSqGSIb3DQEBBAUAA4GBAE+tVNP9WuPEjpG85/75Av1CAuo+BQRvU0vGvEjuL0LPVSGd +/2gL+l3yc7dlksptdQpAhb89wph+EHvah7I3roie6s3IkgA9GTl93EJtMWfmVy+qiGcaEH3 pE17rK5/1Lwau4TwsytYFfQdN4DAxaZT9k2lvml8a49bzBfUO4RXMIICQTCCAaqgAwIBAgID DxP2MA0GCSqGSIb3DQEBBAUAMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg SXNzdWluZyBDQTAeFw0wNTA3MDUxNTA1NDdaFw0wNjA3MDUxNTA1NDdaMD4xHzAdBgNVBAMT FlRoYXd0ZSBGcmVlbWFpbCBNZW1iZXIxGzAZBgkqhkiG9w0BCQEWDHV6aUBibWJ5LmNvbTCB nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAz+GMcJC/fMMGR9dObyiTqEa9+grONAlQSAMG CvN3w82Zi+ni5gI8NqKxqnVr2lpLRNzfZg34cBKzsGwoGN++0tIprSbVoRGRQKvFMMWILxAO Bcndv5XYw9yu6WQqxnT6RAzf+QsIASFgnluFfS8cUGwKsOAfR/HiuR0TgxIskecCAwEAAaMp MCcwFwYDVR0RBBAwDoEMdXppQGJtYnkuY29tMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEE BQADgYEAT61U0/1a48SOkbzn/vkC/UIC6j4FBG9TS8a8SO4vQs9VIZ37/aAv6XfJzt2WSym1 1CkCFvz3CmH4Qe9qHsjeuiJ7qzciSAD0ZOX3cQm0xZ+ZXL6qIZxoQfekTXusrn/UvBq7hPCz K1gV9B03gMDFplP2TaW+aXxrj1vMF9Q7hFcwggM/MIICqKADAgECAgENMA0GCSqGSIb3DQEB BQUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlD YXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZp Y2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJl ZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20w HhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2MjM1OTU5WjBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMSm PFVzVftOucqZWh5owHUEcJ3f6f+jHuy9zfVb8hp2vX8MOmHyv1HOAdTlUAow1wJjWiyJFXCO 3cnwK4Vaqj9xVsuvPAsH5/EfkTYkKhPPK9Xzgnc9A74r/rsYPge/QIACZNenprufZdHFKlSF D0gEf6e20TxhBEAeZBlyYLf7AgMBAAGjgZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNV HR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlUGVyc29uYWxGcmVl bWFpbENBLmNybDALBgNVHQ8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDItMTM4MA0GCSqGSIb3DQEBBQUAA4GBAEiM0VCD6gsuzA2jZqxnD3+vrL7CF6FD lpSdf0whuPg2H6otnzYvwPQcUCCTcDz9reFhYsPZOhl+hLGZGwDFGguCdJ4lUJRix9sncVcl jd2pnDmOjCBPZV+V2vf3h9bGCE6u9uo05RAaWzVNd+NWIXiC3CEZNd4ksdMdRv9dX2VPMYIC ujCCArYCAQEwaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcg KFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3Vpbmcg Q0ECAw8T9jAJBgUrDgMCGgUAoIIBpzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqG SIb3DQEJBTEPFw0wNTA3MjgxMTUxMTVaMCMGCSqGSIb3DQEJBDEWBBSfO4a32EBGl7wbnav4 yt/iRT5efzBSBgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDAN BggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDB4BgkrBgEEAYI3EAQxazBp MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQu MSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIDDxP2MHoG CyqGSIb3DQEJEAILMWugaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1 bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElz c3VpbmcgQ0ECAw8T9jANBgkqhkiG9w0BAQEFAASBgIXyqcDEuLVa5ij5BZ9zlwfXTaUjNtgP /3NNJTcY7hPTm702pl6dLdb+DQAvd+LwbYr16k/2eZ+DJ9qEMaZKMSaI4yfirlYJbevFuTGd m1F+JAAYppudrXDHu3DMz39et1nE/37bIiRoaFnC7JHr/7y5y++X1JNuFWOeGRGpkqWuAAAA AAAA --------------ms070202040100050600070006--