[FX.php List] [OFF] The ongoing saga of adding multiple SSL certs on a web server

Bob Patin bob at patin.com
Thu Jul 23 21:06:48 MDT 2009


See, that's why I stay on this list...

You made me realize what I had done wrong: I had ONE listing in my  
server list, for the SSL cert, and pointing to the IP that I allocated  
to this cert.

What I hadn't done was to put in a 2nd listing for the same domain  
name, on port 80, without the cert.

As you said, the server config looked to see if the site existing on  
port 80 on the server's main IP, didn't find it, and just went to the  
first site on the list.

Thanks!

Bob

Bob Patin
Longterm Solutions
bob at longtermsolutions.com
615-333-6858
http://www.longtermsolutions.com
Twitter: bobpatin
iChat: bobpatin
AIM: longterm1954
FileMaker 9 Certified Developer
Member of FileMaker Business Alliance & FileMaker TechNet
--------------------------
FileMaker hosting and consulting for all versions of FileMaker
Web hosting • PHP • Full email services • Free DNS hosting •  
Colocation • Consulting


Leo Lundgren wrote:

> Hi,
>
> Since the HTTPS site and the HTTPS site should probably be two  
> different virtual hosts in your configuration (the first one for  
> HTTP listening on $clientsIp and port 80, and the second one  
> listening on $clientsIp port 443), I'd start by looking at what is  
> wrong with the configuration for the HTTP virtual host.
>
> When you say "when you *don't* invoke the certificate", I presume  
> you mean "when you go to http://client.com instead of https://client.com 
> ", right?
>
> It sounds like maybe you have the wrong IP (not the one that  
> client.com is pointed to in DNS) in the virtual host configuration  
> for that site, or maybe you haven't correctly set the ServerName and  
> possibly the ServerAlias. If the latter two doesn't match the  
> requested domain, then Apache will kindly show respond with the  
> first/default site, since it doesn't know what else it should do.
>
> So in short, start by checking the HTTP vhost, for IP, port,  
> ServerName and ServerAlias.
>
>
> 22 jul 2009 kl. 03.40 skrev Bob Patin:
>
>> As some of you will recall, I had a problem a couple of months when  
>> trying to add a 2nd SSL cert to a web server.
>>
>> Leo properly informed me that I needed to assign the 2nd site to  
>> its own IP, and that would allow the cert to work... that fixed the  
>> problem on that web server.
>>
>> So today, another client asked me to setup an SSL cert on her site,  
>> so I bought and installed one (different web server).
>>
>> I assigned it to its own IP address, added the IP to the server--no  
>> problem. The site responds when you use "https" to invoke the cert.
>>
>> THE PROBLEM: It doesn't respond when you *don't* invoke the  
>> certificate; instead, the 1st site in my server config list responds.
>>
>> What am I missing here? No matter what I try, the site just doesn't  
>> respond without invoking the certificate.
>>
>> Any help would be greatly appreciated; I can't turn this cert on  
>> now...
>>
>> Thanks,
>>
>> Bob Patin
>>
>>
>> <new_logo_idea3_120w.jpg>
>>
>>
>>
>> Longterm Solutions
>> bob at longtermsolutions.com
>> 615-333-6858
>> http://www.longtermsolutions.com
>> iChat: bobpatin
>> FileMaker 10 Certified Developer
>> Member of FileMaker Business Alliance and FileMaker TechNet
>> --------------------------
>> FileMaker hosting and consulting for all versions of FileMaker
>> PHP • Full email services • Free DNS hosting • Colocation •  
>> Consulting
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
>
> -|
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list



More information about the FX.php_List mailing list