Red Hat Bugzilla – Bug 164475
SSLCertificateFile only obeyed once
Last modified: 2007-11-30 17:07:19 EST
From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20041013 Firefox/0.9.3 (Ubuntu) Description of problem: I am doing name-based virtual hosting for a number of ssl sites and it appears that only the first instance of the SSLCertificateFile directive is being used. For instance (in /etc/httpd/conf.d/ssl.conf): ... NameVirtualHost *:443 <VirtualHost *:443> ... ServerName ssl.server1.tld:443 ... SSLCertificateFile /path/to/server1.crt SSLCertificateKeyFile /path/to/server1.key ... </VirtualHost> <VirtualHost *:443> ... ServerName ssl.server2.tld:443 ... SSLCertificateFile /path/to/server2.crt SSLCertificateKeyFile /path/to/server2.key ... </VirtualHost> Browsing to either site brings up the certificate for server1 and never the certificate for server2. Version-Release number of selected component (if applicable): mod_ssl-2.0.52-12.1 How reproducible: Always Steps to Reproduce: 1. install httpd & mod_ssl 2. create certificate/key pairs for each virtual host (and remove the password) 3. configure apache to do name based virtual hosting and use different cert/key pairs for each host Actual Results: Only the first listed certificate is used. Expected Results: The certificate configured for each individual virtual host should be used. Additional info:
Thanks for contacting us. Unfortunately, it's not possible to use name-based vhosting with SSL; please see: http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts1