Silly SSL vhost problem

Silly SSL vhost problem

am 12.02.2010 17:54:34 von up

Hi:

I've been running various apache's for years, including with multiple SSL
vhosts, etc. I have three separate SSL vhosts on this particular
Apache/2.2.11 installation, and for some reason, of the three SSL vhosts
below, ssl2.our.domain works fine, www.customer.domain works fine, but
ssl.our.domain doesn't. It loads the certificate AND document foor from
ssl2.our.domain. They are each on different IPs as well.

Here is the httpd-ssl.conf file of the box. I must be doing something
wrong, but I haven't figured out what yet, so any clues would be
appreciated. IPs and host names changed for obvious reasons:

-----
Listen *:443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLPassPhraseDialog exec:/path/to/ssl/passphrase/file
SSLSessionCache "shmcb:/var/run/ssl_scache(512000)"
SSLSessionCacheTimeout 300

SSLMutex "file:/var/run/ssl_mutex"



DocumentRoot "/usr/local/www/apache22/data"
ServerName ssl2.our.domain:443
ServerAdmin webmaster@our.domain
ErrorLog "/var/log/httpd-error.log"
TransferLog "/var/log/httpd-access.log"
php_admin_value suhosin.executor.func.blacklist (truncated)
SSLEngine on

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL

SSLCertificateFile "/usr/local/etc/apache22/ssl/ssl2.our.domain.crt"

SSLCertificateKeyFile "/usr/local/etc/apache22/ssl/ssl2.our.domain.key"

BrowserMatch ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0

CustomLog "/var/log/httpd-ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"




DocumentRoot /usr/local/apache/htdocs/subdir
ServerName ssl.our.domain:443
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL
SSLCertificateFile "/usr/local/etc/apache22/ssl/ssl.our.domain.crt"
SSLCertificateKeyFile "/usr/local/etc/apache22/ssl/ssl.our.domain.key"
CustomLog "/var/log/httpd-ssl_request.log" \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"



SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL
ServerAdmin webmaster@customer.domain
SuexecUserGroup someuser somegroup
DocumentRoot /home/servers/customer.domain/pages
ServerName www.customer.domain:443
HostnameLookups Off
CustomLog /home/servers/customer.domain/access_log combined
ScriptAlias /cgi-bin/ "/home/servers/customer.domain/cgi-bin/"
SSLCertificateFile /usr/local/etc/apache22/ssl/www.customer.domain.crt
SSLCertificateKeyFile /usr/local/etc/apache22/ssl/www.customer.domain.key



James Smallacombe PlantageNet, Inc. CEO and Janitor
up@3.am http://3.am
============================================================ =============

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: Silly SSL vhost problem

am 12.02.2010 20:41:33 von up

Please disregard this...of all the things I didn;t check...the DNS! Doh!

On Fri, 12 Feb 2010, James Smallacombe wrote:

>
> Hi:
>
> I've been running various apache's for years, including with multiple SSL
> vhosts, etc. I have three separate SSL vhosts on this particular
> Apache/2.2.11 installation, and for some reason, of the three SSL vhosts
> below, ssl2.our.domain works fine, www.customer.domain works fine, but
> ssl.our.domain doesn't. It loads the certificate AND document foor from
> ssl2.our.domain. They are each on different IPs as well.
>
> Here is the httpd-ssl.conf file of the box. I must be doing something wrong,
> but I haven't figured out what yet, so any clues would be appreciated. IPs
> and host names changed for obvious reasons:
>
> -----
> Listen *:443
>
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl .crl
>
> SSLPassPhraseDialog exec:/path/to/ssl/passphrase/file
> SSLSessionCache "shmcb:/var/run/ssl_scache(512000)"
> SSLSessionCacheTimeout 300
>
> SSLMutex "file:/var/run/ssl_mutex"
>
>
>
> DocumentRoot "/usr/local/www/apache22/data"
> ServerName ssl2.our.domain:443
> ServerAdmin webmaster@our.domain
> ErrorLog "/var/log/httpd-error.log"
> TransferLog "/var/log/httpd-access.log"
> php_admin_value suhosin.executor.func.blacklist (truncated)
> SSLEngine on
>
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL
>
> SSLCertificateFile "/usr/local/etc/apache22/ssl/ssl2.our.domain.crt"
>
> SSLCertificateKeyFile "/usr/local/etc/apache22/ssl/ssl2.our.domain.key"
>
> BrowserMatch ".*MSIE.*" \
> nokeepalive ssl-unclean-shutdown \
> downgrade-1.0 force-response-1.0
>
> CustomLog "/var/log/httpd-ssl_request.log" \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
>
>
>
> DocumentRoot /usr/local/apache/htdocs/subdir
> ServerName ssl.our.domain:443
> SSLEngine on
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL
> SSLCertificateFile "/usr/local/etc/apache22/ssl/ssl.our.domain.crt"
> SSLCertificateKeyFile "/usr/local/etc/apache22/ssl/ssl.our.domain.key"
> CustomLog "/var/log/httpd-ssl_request.log" \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
>
>
> SSLEngine on
> SSLCipherSuite
> ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+e NULL
> ServerAdmin webmaster@customer.domain
> SuexecUserGroup someuser somegroup
> DocumentRoot /home/servers/customer.domain/pages
> ServerName www.customer.domain:443
> HostnameLookups Off
> CustomLog /home/servers/customer.domain/access_log combined
> ScriptAlias /cgi-bin/ "/home/servers/customer.domain/cgi-bin/"
> SSLCertificateFile /usr/local/etc/apache22/ssl/www.customer.domain.crt
> SSLCertificateKeyFile /usr/local/etc/apache22/ssl/www.customer.domain.key
>
>
>
> James Smallacombe PlantageNet, Inc. CEO and Janitor
> up@3.am http://3.am
> ============================================================ =============
>
> ------------------------------------------------------------ ---------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

James Smallacombe PlantageNet, Inc. CEO and Janitor
up@3.am http://3.am
============================================================ =============

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org