You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@httpd.apache.org by bu...@apache.org on 2006/04/04 02:02:02 UTC
DO NOT REPLY [Bug 39192] New: - Wildcard certificate with multiple name-based vhosts - not found
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39192>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39192
Summary: Wildcard certificate with multiple name-based vhosts -
not found
Product: Apache httpd-2
Version: 2.2.0
Platform: PC
OS/Version: FreeBSD
Status: NEW
Severity: normal
Priority: P2
Component: mod_ssl
AssignedTo: bugs@httpd.apache.org
ReportedBy: jacek.chmielewski@gmail.com
There is a problem with running HTTPS for name based virtual hosts. I
know that 'SSL wont work for name-based virtual hosts'
[http://www.modssl.org/docs/2.8/ssl_faq.html#ToC47]. But it is known
that for name based virtual hosts Apache will always read the certificate set
for the fist vhost and this is ok for me, since I have just one
wildcard certificate [*.mydomain.com] and I use it for all vhosts.
It seems to work properly with 5-7 virtual hosts. But when I try to
add another vhost with the same certificate Apache throws an error:
[error] Oops, no RSA or DSA server certificate found for
'vhost8.mydomain.com:0'?!
I have no idea why there is a problem. All vhosts differ only with
ServerName and DocumentRoot. The rest of the configuration is the same
and all vhosts have the same certificate. So why Apache tells me that
it cannot find the certificate file when it already read it for the
previous seven vhosts?
OS: FreeBSD 6
Apache: 2.2.0_7 (I got the same error with Apache 2.0)
Sample vhost config:
<VirtualHost *:443>
ServerName vhost8.mydomain.com
DocumentRoot /home/www/vhost8
DirectoryIndex index.php index.html
SSLEngine on
SSLCertificateFile /usr/local/etc/apache22/crt/server.crt
SSLCertificateKeyFile /usr/local/etc/apache22/crt/server.key
SSLCACertificateFile /usr/local/etc/apache22/crt/ca.crt
</VirtualHost>
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org
DO NOT REPLY [Bug 39192] - Wildcard certificate with multiple name-based vhosts - not found
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=39192>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=39192
jorton@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
------- Additional Comments From jorton@redhat.com 2006-06-21 12:18 -------
The configuration should use "ServerName vhost8.mydomain.com:443" at least; not
sure otherwise why this should actually fail. Can you attach the complete
error_log produced at startup with "LogLevel debug" configured?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@httpd.apache.org
For additional commands, e-mail: bugs-help@httpd.apache.org