On Aug 6, 2008, at 12:26 PM, Marc Dirix wrote:
> Hello,
>
> I currently have 2 virtual servers in Roxen. Both using SSL.
> https://www.foo.com and
> https://www.example.com.
>
> Now I've created a SSL key file, and did a signing
> request for www.foo.com, which works excellent.
>
> Then I've created a signing request for www.example.com, and
> added the certificate to the (I don't get why) global list
> under ports.
>
> So now I see a list with certificates,
> one for www.example.com and one for www.foo.com. The problem now
> is, that roxen always chooses the top one certificate. So
> if I connect to either virtual, the top one is chosen which
> causes the client in one of both virtual servers to
> warn about not being the right certificate.
This is because the SSL works at a lower level than http. You cannot
use multiple certificates on one IP address for multiple virtual
servers. SSL does not know about your virtual servers as that is an
http level thing.
>
>
> Now It may be just me, but why is even the ssl-keyfile global,
> and not seperate for each virtual server?
>
> And in short term, how can I use different certificates for different
> virtual servers?
You need to get a special kind of certificate that lists multiple
names in it (ie, 1 cert that covers example.com and foo.com).
Chad
>
>
> Thanks for helping,
>
> Marc
>
---
Chad Leigh -- Shire.Net LLC
Your Web App and Email hosting provider
chad at shire.net
|