OSDir


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [users@httpd] VirtualHost and HTTPS


It is.
If you try to disable myhost.domain1.org - you will see that myhost.domain2.org will work over SSL/TLS :)



On 2018-08-29 19:19, David Rush wrote:
Ah, so SNI is dependent on the operating system, not the version of
Apache HTTPD installed?

I had read about SNI and understood the basics of it, but assumed that
it was a function of HTTPD version rather than older OS version.

Thanks for your help.

David

On Wed, Aug 29, 2018 at 11:00 AM, Jonathan Sélea <jonathan@xxxxxxxx>
wrote:

I am very sure that this has to do with the fact that older machines
simply does not have support for SNI.

On 2018-08-29 16:28, David Rush wrote:

I'm running httpd 2.4.12 on Windows Server 2003.

We have things set up and working with http and https using the
primary host name (fully qualified).

We need for a different domain (same hostname) to work with https.

These both need to work:

https://myhost.domain1.org - this works fine

https://myhost.domain2.org - I can't get this to work

I have certificates (and key files) for both domains (the first
being
unique to the FQDN, the second being a wildcard for *.domain2.org
[1]
[1]).

I have <VirtualHost *:443> blocks set up with ServerName
myhost.domain1.org [2] [2] in one, and ServerName
myhost.domain2.org [3] [3]
in the other.  Each specifies its proper cert and key files, and
unique DocumentRoot locations.

httpd.exe -S clearly indicates both VirtualHosts found, no errors
(no
errors from httpd.exe -t, either).

It appears that the first certificate is always being served
regardless of which host name is used in the browser.  Also, the
2nd
(domain2.org [1] [1]) config has a different DocumentRoot, but
when I tell
the browser to ignore the security warnings I'm being delivered
content from the domain1.org [4] [4] DocumentRoot.

Help!

David

E-Mail to and from me, in connection with the transaction
of public business, is subject to the Wyoming Public Records
Act and may be disclosed to third parties.

Links:
------
[1] http://domain2.org
[2] http://myhost.domain1.org
[3] http://myhost.domain2.org
[4] http://domain1.org

--
Jonathan Sélea

PGP Key: 0x8B35B3C894B964DD
Fingerprint: 4AF2 10DE 996B 673C 0FD8  AFA0 8B35 B3C8 94B9 64DD
https://jonathanselea.se


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx

E-Mail to and from me, in connection with the transaction
of public business, is subject to the Wyoming Public Records
Act and may be disclosed to third parties.


Links:
------
[1] http://domain2.org
[2] http://myhost.domain1.org
[3] http://myhost.domain2.org
[4] http://domain1.org

--
Jonathan Sélea

PGP Key: 0x8B35B3C894B964DD
Fingerprint: 4AF2 10DE 996B 673C 0FD8  AFA0 8B35 B3C8 94B9 64DD
https://jonathanselea.se

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx