Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
AW: [suse-security] [Apache - SuSE 8.2 Pro] 2 different WWW virtu al hosts, 2 different certs
  • From: "Junge, Stefan" <Stefan.Junge@xxxxxxxxxxxxxxx>
  • Date: Mon, 7 Jul 2003 12:37:24 +0200
  • Message-id: <C046B8B0A5BCD411B92500508BB07EFB0394EB41@xxxxxxxxxxxxxxx>



> -----Ursprüngliche Nachricht-----
> Von: Dominik Sk?adanowski [mailto:dominik.skladanowski@xxxxxxxxxxxx]
> Gesendet: Montag, 7. Juli 2003 12:24
> An: SuSE-Security
> Betreff: [suse-security] [Apache - SuSE 8.2 Pro] 2 different
> WWW virtual
> hosts, 2 different certs
>
>
> Hello
>
> I tried to startup 2 SSL virtual hosts (every virtual host
> has it's own
> cert) on the same machne with 1 IP. Apparently it looks fine...
>
> The problem is:
> when I connect to https://virtual1.domain.com/ cert is for domain
> virtual1.domain.com, but when I connect to
> https://virtual2.domain.com/
> cert is for domain virtual1.domain.com too.
>
> Isn't it strange? Or maybe I made a mistake.

>> Hi, each Virtual Host needs it´s own IP Adress.

>> CU Stefan


>
> Here is fragment on my /etc/httpd/httpd.conf:
> --------------------------------------------------------------
> ---------
> NameVirtualHost xxx.xxx.xxx.xxx:443
>
> <VirtualHost virtual1.domain.com:443>
>
> DocumentRoot "/srv/www/virtual1/htdocs"
> ServerName virtual1.domain.com
> ServerAdmin root@xxxxxxxxxx
> ErrorLog /var/log/httpd/error_log
> TransferLog /var/log/httpd/access_log
>
> SSLEngine on
>
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>
> SSLCertificateFile /etc/httpd/virtual1cert.pem
>
> SSLCertificateKeyFile /etc/httpd/virtual1req.pem
>
> SSLCACertificatePath /usr/share/ssl/misc/demoCA
> SSLCACertificateFile /usr/share/ssl/misc/demoCA/cacert.pem
>
> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
> SSLOptions +StdEnvVars
> </Files>
> <Directory "/srv/www/cgi-bin">
> SSLOptions +StdEnvVars
> </Directory>
>
> SetEnvIf User-Agent ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
>
> CustomLog /var/log/httpd/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
> </VirtualHost>
>
> <VirtualHost virtual2.domain.com:443>
>
> DocumentRoot "/srv/www/virtual2"
> ServerName virtual2.domain.com
> ServerAdmin root@xxxxxxxxxx
> ErrorLog /var/log/httpd/error_log
> TransferLog /var/log/httpd/access_log
>
> SSLEngine on
>
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
>
> SSLCertificateFile /etc/httpd/virtual2cert.pem
> SSLCertificateKeyFile /etc/httpd/virtual2req.pem
>
> SSLCACertificatePath /usr/share/ssl/misc/demoCA
> SSLCACertificateFile /usr/share/ssl/misc/demoCA/cacert.pem
>
> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
> SSLOptions +StdEnvVars
> </Files>
> <Directory "/srv/www/cgi-bin">
> SSLOptions +StdEnvVars
> </Directory>
>
> SetEnvIf User-Agent ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
>
> CustomLog /var/log/httpd/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
> </VirtualHost>
> --------------------------------------------------------------
> ---------
>
> --
> ++++++++++++++++++++++++++++++++++++++++++
>
> Dominik Skladanowski
>
> ++++++++++++++++++++++++++++++++++++++++++
>
>
> --
> Check the headers for your unsubscription address
> For additional commands, e-mail: suse-security-help@xxxxxxxx
> Security-related bug reports go to security@xxxxxxx, not here
>

< Previous Next >
This Thread
  • No further messages