just installed certificate and I"m getting the wrong site...

------=_Part_13121_31140017.1198791015982
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi folks,

I'm a complete newbie to this stuff, and I need a little more help.

I'm running apache 2.2.4 on a Fadora Core 6 (2.6.20-1.292.fc6). My first
problem after I installed the certificate is that we apparently had an old
self-signed certificate installed. So, once I figured out that the SSL
directives were in the conf.d/ssl.conf and not in conf/httpd.conf, I was
able to put my certificate information in that file and now our server is
using our real certificate and not the self-signed one.

Our server runs multiple domains using virtual hosting, and I've read
through the archives enough to find out that I can't do named virtual host
with SSL. That's fine. My problem now is that when I browse to:
https://mysecuredomain.com, I'm getting sent to another one of our other
domains (wrongdomain.com -- for the sake of discussion) except that the URL
in the address bar still says: https://mysecuredomain.com.

I'm confused. I've searched through the archives, but can't seem to find out
how this is happening.

Here's another strange bit. We've got an old version and a newer version of
"wrongdomain.com" and when I browse to http://wrongdomain.com I get the new
version. When I browse to https://wrongdomain.com I get the *old* version of
the site -- just as I do when I browse to https://mysecuredomain.com...

I hope I'm explaining this well enough. I really need help on how to get
things working properly.

The other thing that I'm curious about is whether we'll be able to secure
any of our other domains hosted from this box in the future if we need to.
From the reading I've done I'm thinking that's going to be a 'No', but what
if we use the same certificate for all sites? That may be a dumb question,
but again, I'm a genuine newbie here.

My main concern is about the first part of this post... the side question
about multiple domains is less important to me, but I'd still like to know.
I sure hope someone can help me.

Thanks heaps,
Chris


--
http://cjordan.us

------=_Part_13121_31140017.1198791015982
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Hi folks,

I'm a complete newbie to this stuff, and I need a little more help.

I'm running apache 2.2.4 on a Fadora Core 6 (2.6.20-1.292.fc6). My first problem after I installed the certificate is that we apparently had an old self-signed certificate installed. So, once I figured out that the SSL directives were in the
conf.d/ssl.conf and not in conf/httpd.conf, I was able to put my certificate information in that file and now our server is using our real certificate and not the self-signed one.

Our server runs multiple domains using virtual hosting, and I've read through the archives enough to find out that I can't do named virtual host with SSL. That's fine. My problem now is that when I browse to:
-- for the sake of discussion) except that the URL in the address bar still says:
.

I'm confused. I've searched through the archives, but can't seem to find out how this is happening.

Here's another strange bit. We've got an old version and a newer version of "
I get the new version. When I browse to https://wrongdomain.com
I get the *old* version of the site -- just as I do when I browse to ..

I hope I'm explaining this well enough. I really need help on how to get things working properly.


The other thing that I'm curious about is whether we'll be able to secure any of our other domains hosted from this box in the future if we need to. From the reading I've done I'm thinking that's going to be a 'No', but what if we use the same certificate for all sites? That may be a dumb question, but again, I'm a genuine newbie here.


My main concern is about the first part of this post... the side question about multiple domains is less important to me, but I'd still like to know. I sure hope someone can help me.

Thanks heaps,
Chris





--


------=_Part_13121_31140017.1198791015982--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: just installed certificate and I"m getting the wrong site...

------=_Part_15031_24567369.1198856440133
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Sorry for bumping my own post, but I'm really in need of help here. I'm at a
loss. Maybe it's because folks are on holiday given the time of year, but if
anyone thinks they can help, I'd very much appreciate it. :o)

Thanks,
Chris

On Dec 27, 2007 3:30 PM, Chris Jordan wrote:

> Hi folks,
>
> I'm a complete newbie to this stuff, and I need a little more help.
>
> I'm running apache 2.2.4 on a Fadora Core 6 (2.6.20-1.292.fc6). My first
> problem after I installed the certificate is that we apparently had an old
> self-signed certificate installed. So, once I figured out that the SSL
> directives were in the conf.d/ssl.conf and not in conf/httpd.conf, I was
> able to put my certificate information in that file and now our server is
> using our real certificate and not the self-signed one.
>
> Our server runs multiple domains using virtual hosting, and I've read
> through the archives enough to find out that I can't do named virtual host
> with SSL. That's fine. My problem now is that when I browse to:
> https://mysecuredomain.com, I'm getting sent to another one of our other
> domains (wrongdomain.com -- for the sake of discussion) except that the
> URL in the address bar still says: https://mysecuredomain.com.
>
> I'm confused. I've searched through the archives, but can't seem to find
> out how this is happening.
>
> Here's another strange bit. We've got an old version and a newer version
> of " wrongdomain.com" and when I browse to http://wrongdomain.com I get
> the new version. When I browse to https://wrongdomain.com I get the *old*
> version of the site -- just as I do when I browse to
> https://mysecuredomain.com...
>
> I hope I'm explaining this well enough. I really need help on how to get
> things working properly.
>
> The other thing that I'm curious about is whether we'll be able to secure
> any of our other domains hosted from this box in the future if we need to.
> From the reading I've done I'm thinking that's going to be a 'No', but what
> if we use the same certificate for all sites? That may be a dumb question,
> but again, I'm a genuine newbie here.
>
> My main concern is about the first part of this post... the side question
> about multiple domains is less important to me, but I'd still like to know.
> I sure hope someone can help me.
>
> Thanks heaps,
> Chris
>
>
> --
> http://cjordan.us




--
http://cjordan.us

------=_Part_15031_24567369.1198856440133
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

Sorry for bumping my own post, but I'm really in need of help here. I'm at a loss. Maybe it's because folks are on holiday given the time of year, but if anyone thinks they can help, I'd very much appreciate it. :o)


Thanks,
Chris

Re: just installed certificate and I"m getting the wrong site...

Hi Chris,

This sounds to me like more of an apache configuration problem.
Perhaps if you posted some bits of your httpd.conf someone could spot
the problem.

Could you clarify on the old and new versions of wrongdomain.com? Are
both still present on your server with the old one residing in
another directory?

It sounds to me like when you come through to your server from
mysecuredomain.com, via https you come through to the first virtual
directory / host whioch is wrondomain.com, because they're both on
the same IP. What happens if you switch the order of your virtual
hosts, do you come through to a different site?

I'd be switching my conf files about to experiment and see what
happens in order to figure out the problem.

Glyn=20


--- Chris Jordan wrote:

> Sorry for bumping my own post, but I'm really in need of help here.
> I'm at a
> loss. Maybe it's because folks are on holiday given the time of
> year, but if
> anyone thinks they can help, I'd very much appreciate it. :o)
>=20
> Thanks,
> Chris
>=20
> On Dec 27, 2007 3:30 PM, Chris Jordan
> wrote:
>=20
> > Hi folks,
> >
> > I'm a complete newbie to this stuff, and I need a little more
> help.
> >
> > I'm running apache 2.2.4 on a Fadora Core 6 (2.6.20-1.292.fc6).
> My first
> > problem after I installed the certificate is that we apparently
> had an old
> > self-signed certificate installed. So, once I figured out that
> the SSL
> > directives were in the conf.d/ssl.conf and not in
> conf/httpd.conf, I was
> > able to put my certificate information in that file and now our
> server is
> > using our real certificate and not the self-signed one.
> >
> > Our server runs multiple domains using virtual hosting, and I've
> read
> > through the archives enough to find out that I can't do named
> virtual host
> > with SSL. That's fine. My problem now is that when I browse to:
> > https://mysecuredomain.com, I'm getting sent to another one of
> our other
> > domains (wrongdomain.com -- for the sake of discussion) except
> that the
> > URL in the address bar still says: https://mysecuredomain.com.
> >
> > I'm confused. I've searched through the archives, but can't seem
> to find
> > out how this is happening.
> >
> > Here's another strange bit. We've got an old version and a newer
> version
> > of " wrongdomain.com" and when I browse to
> http://wrongdomain.com I get
> > the new version. When I browse to https://wrongdomain.com I get
> the *old*
> > version of the site -- just as I do when I browse to
> > https://mysecuredomain.com...
> >
> > I hope I'm explaining this well enough. I really need help on how
> to get
> > things working properly.
> >
> > The other thing that I'm curious about is whether we'll be able
> to secure
> > any of our other domains hosted from this box in the future if we
> need to.
> > From the reading I've done I'm thinking that's going to be a
> 'No', but what
> > if we use the same certificate for all sites? That may be a dumb
> question,
> > but again, I'm a genuine newbie here.
> >
> > My main concern is about the first part of this post... the side
> question
> > about multiple domains is less important to me, but I'd still
> like to know.
> > I sure hope someone can help me.
> >
> > Thanks heaps,
> > Chris
> >
> >
> > --
> > http://cjordan.us
>=20
>=20
>=20
>=20
> --=20
> http://cjordan.us
>=20



__________________________________________________________
Sent from Yahoo! Mail - a smarter inbox http://uk.mail.yahoo.com


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: just installed certificate and I"m getting the wrong site...

From your description it sounds like you have a
virtual host defining the new version of
wrongdomain.com plus you have a global definition of
the old version of wrongdomain.com.

Then it sounds like you have not specified the data
location inside the virtual host where you define
mysecuredomain.com, so that you are picking up the
global definition.

Cure in this scenario is to override the global
configuration information inside the virtual host for
mysecuredomain.com (or if you do not have a virtual
host for mysecuredomain.com, create one).

As for the problem of https://wrongdomain.com
responding, recall that there can be only one port 443
per ip address, and Apache does not look at domain
names in deciding to serve https, only the ip address.

Cure: I think you can use rewrite rules to direct
traffic addressed to https://wrongdomain.com to a
"safe" directory (I have not tried this). Or see
below.

As for serving more than one secure web site from a
single computer, yes you can do this, but recall the
limit of one port 443 per ip address. =20

You can either arrange for your computer to have
multiple ip addresses (add multiple NIC cards or dink
around with the ifconfig or other etc files depending
on your flavor of Unixoid OS), and then run multiple
instances of Apache listening on different ip
addresses. Be sure that your separate instances of
Apache define different locations for their
housekeeping files. This will also solve your
https://wrongdomain.com problem.

Or, you can use a port other than 443 for https with a
single ip address, but this is ugly if the user has to
type in the URL. Not sure if a single instance of
Apache can handle two different secure ports in
different virtual hosts, but you certainly can use
separate instances of Apache on the same box.

Regards,

orville

www.weyrich.com

--- Chris Jordan wrote:

> Hi folks,
>=20
> I'm a complete newbie to this stuff, and I need a
> little more help.
>=20
> I'm running apache 2.2.4 on a Fadora Core 6
> (2.6.20-1.292.fc6). My first
> problem after I installed the certificate is that we
> apparently had an old
> self-signed certificate installed. So, once I
> figured out that the SSL
> directives were in the conf.d/ssl.conf and not in
> conf/httpd.conf, I was
> able to put my certificate information in that file
> and now our server is
> using our real certificate and not the self-signed
> one.
>=20
> Our server runs multiple domains using virtual
> hosting, and I've read
> through the archives enough to find out that I can't
> do named virtual host
> with SSL. That's fine. My problem now is that when I
> browse to:
> https://mysecuredomain.com, I'm getting sent to
> another one of our other
> domains (wrongdomain.com -- for the sake of
> discussion) except that the URL
> in the address bar still says:
> https://mysecuredomain.com.
>=20
> I'm confused. I've searched through the archives,
> but can't seem to find out
> how this is happening.
>=20
> Here's another strange bit. We've got an old version
> and a newer version of
> "wrongdomain.com" and when I browse to
> http://wrongdomain.com I get the new
> version. When I browse to https://wrongdomain.com I
> get the *old* version of
> the site -- just as I do when I browse to
> https://mysecuredomain.com...
>=20
> I hope I'm explaining this well enough. I really
> need help on how to get
> things working properly.
>=20
> The other thing that I'm curious about is whether
> we'll be able to secure
> any of our other domains hosted from this box in the
> future if we need to.
> From the reading I've done I'm thinking that's going
> to be a 'No', but what
> if we use the same certificate for all sites? That
> may be a dumb question,
> but again, I'm a genuine newbie here.
>=20
> My main concern is about the first part of this
> post... the side question
> about multiple domains is less important to me, but
> I'd still like to know.
> I sure hope someone can help me.
>=20
> Thanks heaps,
> Chris
>=20
>=20
> --=20
> http://cjordan.us
>=20



____________________________________________________________ _______=
_________________
Be a better friend, newshound, and=20
know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_y=
lt=3DAhu06i62sR8HDtDypao8Wcj9tAcJ=20


____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org