Mailinglist Archive: opensuse-security (359 mails)

< Previous Next >
[Apache - SuSE 8.2 Pro] 2 different WWW virtual hosts, 2 different certs
  • From: Dominik Sk?adanowski <dominik.skladanowski@xxxxxxxxxxxx>
  • Date: Mon, 07 Jul 2003 12:23:39 +0200
  • Message-id: <3F094A2B.6020200@xxxxxxxxxxxx>
Hello

I tried to startup 2 SSL virtual hosts (every virtual host has it's own cert) on the same machne with 1 IP. Apparently it looks fine...

The problem is:
when I connect to https://virtual1.domain.com/ cert is for domain virtual1.domain.com, but when I connect to https://virtual2.domain.com/ cert is for domain virtual1.domain.com too.

Isn't it strange? Or maybe I made a mistake.

Here is fragment on my /etc/httpd/httpd.conf:
-----------------------------------------------------------------------
NameVirtualHost xxx.xxx.xxx.xxx:443

<VirtualHost virtual1.domain.com:443>

DocumentRoot "/srv/www/virtual1/htdocs"
ServerName virtual1.domain.com
ServerAdmin root@xxxxxxxxxx
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /etc/httpd/virtual1cert.pem

SSLCertificateKeyFile /etc/httpd/virtual1req.pem

SSLCACertificatePath /usr/share/ssl/misc/demoCA
SSLCACertificateFile /usr/share/ssl/misc/demoCA/cacert.pem

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/srv/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog /var/log/httpd/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>

<VirtualHost virtual2.domain.com:443>

DocumentRoot "/srv/www/virtual2"
ServerName virtual2.domain.com
ServerAdmin root@xxxxxxxxxx
ErrorLog /var/log/httpd/error_log
TransferLog /var/log/httpd/access_log

SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /etc/httpd/virtual2cert.pem
SSLCertificateKeyFile /etc/httpd/virtual2req.pem

SSLCACertificatePath /usr/share/ssl/misc/demoCA
SSLCACertificateFile /usr/share/ssl/misc/demoCA/cacert.pem

<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/srv/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog /var/log/httpd/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

</VirtualHost>
-----------------------------------------------------------------------

--
++++++++++++++++++++++++++++++++++++++++++

Dominik Skladanowski

++++++++++++++++++++++++++++++++++++++++++


< Previous Next >