AW: [suse-security] [Apache - SuSE 8.2 Pro] 2 different WWW virtu al hosts, 2 different certs
-----Ursprüngliche Nachricht----- Von: Dominik Sk?adanowski [mailto:dominik.skladanowski@ch.pw.edu.pl] Gesendet: Montag, 7. Juli 2003 12:24 An: SuSE-Security Betreff: [suse-security] [Apache - SuSE 8.2 Pro] 2 different WWW virtual hosts, 2 different certs
Hello
I tried to startup 2 SSL virtual hosts (every virtual host has it's own cert) on the same machne with 1 IP. Apparently it looks fine...
The problem is: when I connect to https://virtual1.domain.com/ cert is for domain virtual1.domain.com, but when I connect to https://virtual2.domain.com/ cert is for domain virtual1.domain.com too.
Isn't it strange? Or maybe I made a mistake.
Hi, each Virtual Host needs it´s own IP Adress.
CU Stefan
Here is fragment on my /etc/httpd/httpd.conf: -------------------------------------------------------------- --------- NameVirtualHost xxx.xxx.xxx.xxx:443
<VirtualHost virtual1.domain.com:443>
DocumentRoot "/srv/www/virtual1/htdocs" ServerName virtual1.domain.com ServerAdmin root@domain.com ErrorLog /var/log/httpd/error_log TransferLog /var/log/httpd/access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/virtual1cert.pem
SSLCertificateKeyFile /etc/httpd/virtual1req.pem
SSLCACertificatePath /usr/share/ssl/misc/demoCA SSLCACertificateFile /usr/share/ssl/misc/demoCA/cacert.pem
SSLOptions +StdEnvVars </Files> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0
CustomLog /var/log/httpd/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost virtual2.domain.com:443>
DocumentRoot "/srv/www/virtual2" ServerName virtual2.domain.com ServerAdmin root@domain.com ErrorLog /var/log/httpd/error_log TransferLog /var/log/httpd/access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/virtual2cert.pem SSLCertificateKeyFile /etc/httpd/virtual2req.pem
SSLCACertificatePath /usr/share/ssl/misc/demoCA SSLCACertificateFile /usr/share/ssl/misc/demoCA/cacert.pem
SSLOptions +StdEnvVars </Files> SSLOptions +StdEnvVars </Directory> SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0
CustomLog /var/log/httpd/ssl_request_log \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost> -------------------------------------------------------------- ---------
-- ++++++++++++++++++++++++++++++++++++++++++
Dominik Skladanowski
++++++++++++++++++++++++++++++++++++++++++
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
participants (1)
-
Junge, Stefan