|
Home > Archive > WebSphere HTTP Server > February 2004 > SSLAppName and virtual hosts
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
SSLAppName and virtual hosts
|
|
| Jerrel Adcock 2004-02-24, 11:33 am |
| I'm using the 400 and am trying to set up ssl on name-based virtual
hosts. I've got two domains pointing to the same box, www.realdomain.com
and www.bogusdomain.com (for the sake of arguement). I try to specify a
different SSLAppName for each of the virtual host entries.
The problem is that only the first SSLAppName appears to get used. The
second one is ignored. SSL works for that virtual host, but uses the
first's certificate.
I've seen a couple of messages in this newsgroup and elsewhere regarding
this. Some say that this can't be done, others say that it can be done
as long as the virtual hosts are specified first. However, those posts
are all fairly old and there have been updates to IBM Apache since.
The IBM docs state the SSLAppName is valid in the virtualhost context.
Perhaps it should say that SSLAppName is valid but the second and
subsequent ones will be ignored?
Anyone tried this? Had any luck with it? Any help at all to offer?
| |
| Sunit Patke 2004-02-25, 11:33 am |
| SVH or Software virtual Hosting should not be used with SSL because of this
problem. If you want to point two different domains to the same server then
you should put two IP addresses on this box and point each domain to
its own ip address.
In the httpd.conf you can then create VirtualHost for each domain with port
443
and point to different certificate.
Sunit
"Jerrel Adcock" <no@email.given> wrote in message
news:c1gqa2$8kqa$1@news.boulder.ibm.com...
> I'm using the 400 and am trying to set up ssl on name-based virtual
> hosts. I've got two domains pointing to the same box, www.realdomain.com
> and www.bogusdomain.com (for the sake of arguement). I try to specify a
> different SSLAppName for each of the virtual host entries.
>
> The problem is that only the first SSLAppName appears to get used. The
> second one is ignored. SSL works for that virtual host, but uses the
> first's certificate.
>
> I've seen a couple of messages in this newsgroup and elsewhere regarding
> this. Some say that this can't be done, others say that it can be done
> as long as the virtual hosts are specified first. However, those posts
> are all fairly old and there have been updates to IBM Apache since.
>
> The IBM docs state the SSLAppName is valid in the virtualhost context.
> Perhaps it should say that SSLAppName is valid but the second and
> subsequent ones will be ignored?
>
> Anyone tried this? Had any luck with it? Any help at all to offer?
| |
| Jerrel Adcock 2004-02-26, 5:33 pm |
| Many thanks.
This does make sense. Virtual hosting depends on the hostname header
sent in the http request. The http request isn't made until after the
ssl handshake has happened.
For a better description:
http://httpd.apache.org/docs-2.0/ss...faq.html#vhosts
Sunit Patke wrote:
> SVH or Software virtual Hosting should not be used with SSL because of this
> problem. If you want to point two different domains to the same server then
> you should put two IP addresses on this box and point each domain to
> its own ip address.
>
> In the httpd.conf you can then create VirtualHost for each domain with port
> 443
> and point to different certificate.
>
> Sunit
>
> "Jerrel Adcock" <no@email.given> wrote in message
> news:c1gqa2$8kqa$1@news.boulder.ibm.com...
>
>
>
>
|
|
|
|
|