Bug 164475 – SSLCertificateFile only obeyed once

Bugzilla will be upgraded to version 5.0. The upgrade date is tentatively scheduled for 2 December 2018, pending final testing and feedback.

Bug 164475 - SSLCertificateFile only obeyed once

Summary:	SSLCertificateFile only obeyed once

Status:	CLOSED NOTABUG

Aliases:	None

Product:	Red Hat Enterprise Linux 4
Classification:	Red Hat
Component:	mod_ssl (Show other bugs)
Sub Component:
Version:	4.0
Hardware:	i386 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Joe Orton
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2005-07-28 00:55 EDT by Jason Bradley Nance
Modified:	2007-11-30 17:07 EST (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2005-07-28 03:09:10 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Jason Bradley Nance 2005-07-28 00:55:33 EDT

From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20041013 Firefox/0.9.3 (Ubuntu)

Description of problem:
I am doing name-based virtual hosting for a number of ssl sites and it appears that only the first instance of the SSLCertificateFile directive is being used.

For instance (in /etc/httpd/conf.d/ssl.conf):

...
NameVirtualHost *:443

<VirtualHost *:443>
    ...
    ServerName ssl.server1.tld:443
    ...
    SSLCertificateFile /path/to/server1.crt
    SSLCertificateKeyFile /path/to/server1.key
    ...
</VirtualHost>

<VirtualHost *:443>
    ...
    ServerName ssl.server2.tld:443
    ...
    SSLCertificateFile /path/to/server2.crt
    SSLCertificateKeyFile /path/to/server2.key
    ...
</VirtualHost>

Browsing to either site brings up the certificate for server1 and never the certificate for server2.

Version-Release number of selected component (if applicable):
mod_ssl-2.0.52-12.1

How reproducible:
Always

Steps to Reproduce:
1. install httpd & mod_ssl
2. create certificate/key pairs for each virtual host (and remove the password)
3. configure apache to do name based virtual hosting and use different cert/key pairs for each host
  

Actual Results:  Only the first listed certificate is used.

Expected Results:  The certificate configured for each individual virtual host should be used.

Additional info:

Comment 1 Joe Orton 2005-07-28 03:09:10 EDT

Thanks for contacting us.

Unfortunately, it's not possible to use name-based vhosting with SSL; please see:

http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts1

Note You need to log in before you can comment on or make changes to this bug.