Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

apache2 ssl & virtualhosts - more certificates setup
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
salam
Apprentice
Apprentice


Joined: 29 Sep 2005
Posts: 227
PostPosted: Wed Jan 25, 2006 8:04 pm    Post subject: apache2 ssl & virtualhosts - more certificates setup Reply with quote
I have a domain (for example domain.tld) and one subdomain called mail.domain.tld (both on the same machine, so one IP for both)

I'd like to use a different ssl certificate for each (to get rid of warning about server name mismatch). How can I do this? I have a ssl virtualhost and it is working OK except for the certificate part(it ignores certs in its declaration and uses default ones)

here is the ssl vhost configuration for mail subdomain:
Code:
<VirtualHost *:443>

DocumentRoot "/var/www/localhost/htdocs/squirrelmail"
ServerName mail.domain.tld
ServerAdmin www@domain.tld
ErrorLog logs/ssl_error_log
<IfModule mod_log_config.c>
        TransferLog logs/ssl_access_log
</IfModule>
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/apache2/domain-mail-cert.pem
SSLCertificateKeyFile /etc/apache2/domain-mail-key.pem
<Files ~ "\.(cgi|shtml|phtml|php?)$">
    SSLOptions +StdEnvVars
</Files>

<Directory "/var/www/localhost/cgi-bin">
    SSLOptions +StdEnvVars
</Directory>
<IfModule mod_setenvif.c>
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0
</IfModule>
<IfModule mod_log_config.c>
CustomLog logs/ssl_request_log \
          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</IfModule>

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteOptions inherit
</IfModule>

</VirtualHost>


this is placed under a default vhost in file 41_mod_ssl.default-vhost.conf

this is ssl part of the default virtualhost:
Code:
SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

SSLCertificateFile /etc/apache2/ssl/domain-cert.pem

SSLCertificateKeyFile /etc/apache2/ssl/domain-key.pem


as it does not work and i still get a default certificate instead of a mail one when i contact https://mail.domain.tld, it is clear that i did something wrong. but i have no idea what. do you have any experience with setting up a different certificate for each apache virtualhost?
Back to top
View user's profile Send private message
jtaylor72
Apprentice
Apprentice


Joined: 01 Feb 2004
Posts: 197
Location: "the can", WA
PostPosted: Wed Jan 25, 2006 9:09 pm    Post subject: Reply with quote
As far as I know, you can only have one certificate per IP Address.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy