Date: Thu, 28 Jul 2005 15:39:27 +0200 From: Uzi Klein <uzi@bmby.com> To: freebsd-stable@FreeBSD.ORG Subject: Re: Apache2 just listening to https? Message-ID: <42E8E00F.6060103@bmby.com> In-Reply-To: <200507281217.j6SCHiNC048246@lurza.secnetix.de> References: <200507281217.j6SCHiNC048246@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a cryptographically signed message in MIME format. --------------ms030105000400060801090001 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Oliver Fromme wrote: > Uzi Klein <uzi@bmby.com> wrote: > > Oliver Fromme wrote: > > > Uzi Klein <uzi@bmby.com> wrote: > > > > Actually, SSL can not be configured per name vhost. (or at least can not > > > > work) > > > > Because SSL handshake is used before http headers, it just can't be done. > > > > > > You can configure SSL perfectly fine per virtual host, > > > provided that they have separate addresses. You can > > > even use SSL for virtual hosts that share an address, > > > if they listen on different ports (in this case you > > > can use redirects for convenience, so users don't have > > > to type the port numbers). > > > > > > It's correct that SSL doesn't work for pure name-based > > > virtual hosts (not using "special tricks"), but nobody > > > was talking about that. > > > > > > > note the *name vhost* > > Only _you_ were talking about named virtual hosts. :-) > They are not an issue in this case. > > > and the user's conf. > The original post has > <VirtualHost *:80> > ServerName freebsd.domain.net > ServerAlias freebsd.domain.net > DocumentRoot /usr/local/www/data > </VirtualHost> > > ...which should be loaded on startup. Also, i activated > > NameVirtualHost *:80 But it's really getting off topic. looks like the problem has to do with DocumentRoot or DirectoryIndex in httpd.conf. > The user's configuration, as far as it has been (partially) > shown, contains just two virtual hosts which run on different > ports (port 80 for for HTTP and port 443 for HTTPS). > So name-based virtual hosts are _not_ an issue here. > > Name-based virtual hosts would be a problem if you run > multiple of them on the same IP address _and_ on the same > port with SSL (usually 443). That's not the case here. > > Best regards > Oliver > -- Uzi Klein Software Development Executive B.M.B.Y Software Systems LTD. Phone: 972-4-9597989 Fax: 972-3-6179336 Email: uzi@bmby.com http://www.bmby.com --------------ms030105000400060801090001 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIHzTCC AkEwggGqoAMCAQICAw8T9jANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwHhcNMDUwNzA1MTUwNTQ3WhcNMDYwNzA1MTUwNTQ3 WjA+MR8wHQYDVQQDExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMRswGQYJKoZIhvcNAQkBFgx1 emlAYm1ieS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM/hjHCQv3zDBkfXTm8o k6hGvfoKzjQJUEgDBgrzd8PNmYvp4uYCPDaisap1a9paS0Tc32YN+HASs7BsKBjfvtLSKa0m 1aERkUCrxTDFiC8QDgXJ3b+V2MPcrulkKsZ0+kQM3/kLCAEhYJ5bhX0vHFBsCrDgH0fx4rkd E4MSLJHnAgMBAAGjKTAnMBcGA1UdEQQQMA6BDHV6aUBibWJ5LmNvbTAMBgNVHRMBAf8EAjAA MA0GCSqGSIb3DQEBBAUAA4GBAE+tVNP9WuPEjpG85/75Av1CAuo+BQRvU0vGvEjuL0LPVSGd +/2gL+l3yc7dlksptdQpAhb89wph+EHvah7I3roie6s3IkgA9GTl93EJtMWfmVy+qiGcaEH3 pE17rK5/1Lwau4TwsytYFfQdN4DAxaZT9k2lvml8a49bzBfUO4RXMIICQTCCAaqgAwIBAgID DxP2MA0GCSqGSIb3DQEBBAUAMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29u c3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg SXNzdWluZyBDQTAeFw0wNTA3MDUxNTA1NDdaFw0wNjA3MDUxNTA1NDdaMD4xHzAdBgNVBAMT FlRoYXd0ZSBGcmVlbWFpbCBNZW1iZXIxGzAZBgkqhkiG9w0BCQEWDHV6aUBibWJ5LmNvbTCB nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAz+GMcJC/fMMGR9dObyiTqEa9+grONAlQSAMG CvN3w82Zi+ni5gI8NqKxqnVr2lpLRNzfZg34cBKzsGwoGN++0tIprSbVoRGRQKvFMMWILxAO Bcndv5XYw9yu6WQqxnT6RAzf+QsIASFgnluFfS8cUGwKsOAfR/HiuR0TgxIskecCAwEAAaMp MCcwFwYDVR0RBBAwDoEMdXppQGJtYnkuY29tMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEE BQADgYEAT61U0/1a48SOkbzn/vkC/UIC6j4FBG9TS8a8SO4vQs9VIZ37/aAv6XfJzt2WSym1 1CkCFvz3CmH4Qe9qHsjeuiJ7qzciSAD0ZOX3cQm0xZ+ZXL6qIZxoQfekTXusrn/UvBq7hPCz K1gV9B03gMDFplP2TaW+aXxrj1vMF9Q7hFcwggM/MIICqKADAgECAgENMA0GCSqGSIb3DQEB BQUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlD YXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZp Y2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJl ZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20w HhcNMDMwNzE3MDAwMDAwWhcNMTMwNzE2MjM1OTU5WjBiMQswCQYDVQQGEwJaQTElMCMGA1UE ChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMSm PFVzVftOucqZWh5owHUEcJ3f6f+jHuy9zfVb8hp2vX8MOmHyv1HOAdTlUAow1wJjWiyJFXCO 3cnwK4Vaqj9xVsuvPAsH5/EfkTYkKhPPK9Xzgnc9A74r/rsYPge/QIACZNenprufZdHFKlSF D0gEf6e20TxhBEAeZBlyYLf7AgMBAAGjgZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNV HR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlUGVyc29uYWxGcmVl bWFpbENBLmNybDALBgNVHQ8EBAMCAQYwKQYDVR0RBCIwIKQeMBwxGjAYBgNVBAMTEVByaXZh dGVMYWJlbDItMTM4MA0GCSqGSIb3DQEBBQUAA4GBAEiM0VCD6gsuzA2jZqxnD3+vrL7CF6FD lpSdf0whuPg2H6otnzYvwPQcUCCTcDz9reFhYsPZOhl+hLGZGwDFGguCdJ4lUJRix9sncVcl jd2pnDmOjCBPZV+V2vf3h9bGCE6u9uo05RAaWzVNd+NWIXiC3CEZNd4ksdMdRv9dX2VPMYIC ujCCArYCAQEwaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcg KFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3Vpbmcg Q0ECAw8T9jAJBgUrDgMCGgUAoIIBpzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqG SIb3DQEJBTEPFw0wNTA3MjgxMzM5MjdaMCMGCSqGSIb3DQEJBDEWBBSQH5lLYq1Vk/2rRd6u CK2WWaV4FDBSBgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDAN BggqhkiG9w0DAgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDB4BgkrBgEEAYI3EAQxazBp MGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQu MSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIDDxP2MHoG CyqGSIb3DQEJEAILMWugaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1 bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElz c3VpbmcgQ0ECAw8T9jANBgkqhkiG9w0BAQEFAASBgJUjOttCC8tyb6FcHqemxiAkUd6h+/dC XCVDS35sxeJlftz78yYW3dWnwM7U6OZDbWEOFfTuTYMVN/RrvEIEIOOiKv0EROSs7o5ZR3JZ ZXiCN+EGbmPJhD2B/s+92a7a00piYmuGIe5pnrFmjlpza87AZwGJh6BglNJhHcGkWoVKAAAA AAAA --------------ms030105000400060801090001--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42E8E00F.6060103>