[CentOS] CentOS 4.1 Apache

Johnny Hughes mailing-lists at hughesjr.com
Mon Jul 4 10:47:46 UTC 2005 

On Mon, 2005-07-04 at 00:10 -0500, Mike Kercher wrote:
>  
> -----Original Message-----
> From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf
> Of Collins Richey
> Sent: Sunday, July 03, 2005 10:17 PM
> To: CentOS mailing list
> Subject: Re: [CentOS] CentOS 4.1 Apache
> 
> On 7/3/05, Peter Arremann <loony at loonybin.org> wrote:
> > On Sunday 03 July 2005 22:06, Ben wrote:
> > > NameVirtualHost xxx.xxx.xxx.xxx:80
> > >
> > > <VirtualHost xxx.xxx.xxx.xxx:80>
> > >     DocumentRoot /www/svgeek
> > >     ServerName www.svgeek.com
> > > </VirtualHost>
> > >
> > > <VirtualHost xxx.xxx.xxx.xxx:80>
> > >     DocumentRoot /www/bluesky
> > >     ServerName www.blueskyinnovations.com </VirtualHost>
> > >
> > > <VirtualHost xxx.xxx.xxx.xxx:80>
> > >     DocumentRoot /www/bluesky
> > >     ServerName www.power-boot.com
> > > </VirtualHost>
> > >
> > >
> > > where xxx.xxx.xxx.xxx is the external/public IP address.
> > Looks good so far - is there anything logged in your error.log?
> > Did this setup work (and you upgraded something) or is this something 
> > new you're trying to set up?
> > 
> 
> I would be curious to learn the answer. We have a related problem with
> virtual hosts for https urls on REHL3 systems. The symptoms are similar, ie
> the DocumentRoot for the http url is substituted for the https url. Don't
> have the exact parameters available at home, but will look up and report
> back.
> 
> --
>  Collins
>        
> 
> To my knowledge, you need a separate IP address for each https vhost, else
> the default ssl cert is used.
> 
> Mike

Absoultely true ... you must have sepearate IP addresses for https
sites ... BECAUSE ... the http headers have to be unencrypted before the
server can find out what the virtual host is (the server can't read the
location you are trying to get to while the header is still encrypted).
So, the system has to pick a certificate to use to decode the request if
there are multiple ones listed for that IP.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.centos.org/pipermail/centos/attachments/20050704/079f615d/attachment.sig>

More information about the CentOS mailing list