Re: [CentOS] CentOS 6, Apache 2.2.15 and SNI?

20 Nov 2016


      It doesn't appear you have a ServerName or ServerAlias for the naked domains (sans subdomain), so they're both being answered by the first VirtualHost entry?
...
On Nov 20, 2016, at 9:24 AM, Walter H. Walter.H@mathemainzel.info wrote:
Hello,
is Apache 2.2 which is part of the CentOS distribution capable of SNI?
I have troubles that are coming from server side (CentOS 6.8, Apache 2.2.15)
just did  'yum update'
in
/etc/httpd/conf/httpd.conf
I've the following
NameVirtualHost ipaddr:443
Include /etc/httpd/conf/vhosts/vhost-ssldom1-box.conf
Include /etc/httpd/conf/vhosts/vhost-ssldom2-box.conf
both 'vhost'-files are like this:
<VirtualHost ipaddr:443>
ServerAdmin webmaster@domain#.com
ServerName vhost.domain#.com:443
ServerAlias box.domain#.com:443
ServerAlias calcbox.domain#.com:443
ServerAlias proxybox.domain#.com:443
...
SSLEngine on
SSLStrictSNIVHostCheck on
SSLCertificateFile /etc/httpd/conf/ssl.crt/domain#-host.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domain#-host.key
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/server-chain.crt
...
</VirtualHost>
only
https://domain1.com/...
works
https://domain2.com/...
results in a certificate CN mismatch ...
what is missing in my config.?
Thanks,
Walter

CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: [CentOS] CentOS 6, Apache 2.2.15 and SNI?