Charles Keating wrote:
>
> Hi all,
> I have SSL installed which works great...to great. I have around 20
> non-ssl virtual sites, and one ssl virtual site. In my httpd.conf file, I
> have the following in the main section:
> User nobody
> Group nobody
> Port 80
> Listen 80
> SSLDisable
> Listen 443
> ServerRoot /usr/local/apache
> DocumentRoot /usr/local/apache/share/htdocs
> TransferLog /usr/local/apache/var/log/access.log
> ErrorLog /usr/local/apache/var/log/error.log
> PidFile /usr/local/apache/var/run/httpsd.pid
>
> ...and the following in one of the non-ssl virtual server sections :
> <VirtualHost www.onedog.com:80>
> SSLDisable
> Port 80
> ServerAdmin webmaster@onedog.com
> DocumentRoot /websites/docs/dogone/public_html
> ServerName www.onedog.com
> ErrorLog logs/www.onedog.com-error_log
> TransferLog logs/www.onedog.com-access_log
> </VirtualHost>
>
> and here is the ssl one
> <VirtualHost secure.thegolfer.com:443>
> Port 443
> SSLEnable
> SSLVerifyClient 0
> SSLVerifyDepth 10
> SSLCertificateKeyFile /usr/local/ssl/certs/secure.thegolfer.com.key
> SSLCertificateFile /usr/local/ssl/certs/secure.thegolfer.com.cert
> ServerAdmin webmaster@thegolfer.com
> DocumentRoot /websites/docs/thegolfer/secure
> ServerName secure.thegolfer.com
> ErrorLog logs/www.thegolfer.com-error_log
> TransferLog logs/www.thegolfer.com-access_log
> </VirtualHost>
>
> The problem is that if you go to https://www.onedog.com
> <https://www.onedog.com> , you get the certificate for the secure site. I
> do not want this to happen, obviously. How do I lock this thing down to
> where you can ssl to the correct site only and get an error page for the
> non-ssl servers? The secure site works great however. Am I missing
> something?
Probably: you can't do name-based virtual hosting with SSL.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first group; there was less competition there."
- Indira Gandhi