Bug 164475 - SSLCertificateFile only obeyed once
SSLCertificateFile only obeyed once
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: mod_ssl (Show other bugs)
4.0
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Joe Orton
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-07-28 00:55 EDT by Jason Bradley Nance
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-07-28 03:09:10 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jason Bradley Nance 2005-07-28 00:55:33 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20041013 Firefox/0.9.3 (Ubuntu)

Description of problem:
I am doing name-based virtual hosting for a number of ssl sites and it appears that only the first instance of the SSLCertificateFile directive is being used.

For instance (in /etc/httpd/conf.d/ssl.conf):

...
NameVirtualHost *:443

<VirtualHost *:443>
    ...
    ServerName ssl.server1.tld:443
    ...
    SSLCertificateFile /path/to/server1.crt
    SSLCertificateKeyFile /path/to/server1.key
    ...
</VirtualHost>

<VirtualHost *:443>
    ...
    ServerName ssl.server2.tld:443
    ...
    SSLCertificateFile /path/to/server2.crt
    SSLCertificateKeyFile /path/to/server2.key
    ...
</VirtualHost>

Browsing to either site brings up the certificate for server1 and never the certificate for server2.

Version-Release number of selected component (if applicable):
mod_ssl-2.0.52-12.1

How reproducible:
Always

Steps to Reproduce:
1. install httpd & mod_ssl
2. create certificate/key pairs for each virtual host (and remove the password)
3. configure apache to do name based virtual hosting and use different cert/key pairs for each host
  

Actual Results:  Only the first listed certificate is used.

Expected Results:  The certificate configured for each individual virtual host should be used.

Additional info:
Comment 1 Joe Orton 2005-07-28 03:09:10 EDT
Thanks for contacting us.

Unfortunately, it's not possible to use name-based vhosting with SSL; please see:

http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts1

Note You need to log in before you can comment on or make changes to this bug.