Rick Barnes wrote: > Tony Schreiner wrote: >> I recently aquired a Verisign SSL certificate for my web server on >> Centos 4, with apache 2.0.59 from centosplus. >> >> It however doesn't seem to be working the way I've set it up, >> browsers connect but are told the certiticate is not recognized. >> Showing more info, the information looks correct. >> >> I think it has probably to do with the fact that I'm using the >> certificate on a virtual named host, and I wonder If any body has >> experience doing this? A few places in the apache documentation >> suggest that SSL cannot be used with name based virtual hosting, but >> I don't if that means, not at all, or not with multiple named hosts. >> >> I have multiple NameVirtualHost on port 80, but will only plan to use >> one of the names on port 443. >> >> The start of the section in my ssl.conf goes like this: >> >> >> <VirtualHost _default_:443> >> ServerName nameprotected.domain.edu:443 >> ServerAdmin me at domain.edu >> DocumentRoot /var/www/docs/nameprotected >> >> >> nameprotected.domain.edu is a DNS CNAME to the actual host. >> >> How do folks do SSL and virtual hosts? multiple IP addresses is not >> an option for me. >> > > This is how I do it: > NameVirtualHost IP.AD.DR.ESS:443 > > <VirtualHost IP.AD.DR.ESS:443> > SSLEngine On > SSLCertificateFile path/to/domain.crt > SSLCertificateKeyFile path/to/domain.key > ServerName domain.tld > ServerAdmin webmaster at domain.tld > DocumentRoot /path/to/webroot > ErrorLog /path/to/logs/errors.log > CustomLog /path/to/logs/access.log combined > </VirtualHost> > > Rick SSLCertificateChainFile /path/to/chain/chain.crt I don't know much about the ssl stuff, I just know if I'm missing the chain file I have issues with the key not being correctly recognised.