[FX.php List] [OFF] The ongoing saga of adding multiple SSL certs on a web server

Dale Bengston dbengston at tds.net
Fri Jul 24 06:45:10 MDT 2009


I'm definitely keeping this one. Thanks everyone!

Dale


On Jul 23, 2009, at 10:06 PM, Bob Patin wrote:

> See, that's why I stay on this list...
>
> You made me realize what I had done wrong: I had ONE listing in my  
> server list, for the SSL cert, and pointing to the IP that I  
> allocated to this cert.
>
> What I hadn't done was to put in a 2nd listing for the same domain  
> name, on port 80, without the cert.
>
> As you said, the server config looked to see if the site existing on  
> port 80 on the server's main IP, didn't find it, and just went to  
> the first site on the list.
>
> Thanks!
>
> Bob
>
> Bob Patin
> Longterm Solutions
> bob at longtermsolutions.com
> 615-333-6858
> http://www.longtermsolutions.com
> Twitter: bobpatin
> iChat: bobpatin
> AIM: longterm1954
> FileMaker 9 Certified Developer
> Member of FileMaker Business Alliance & FileMaker TechNet
> --------------------------
> FileMaker hosting and consulting for all versions of FileMaker
> Web hosting • PHP • Full email services • Free DNS hosting •  
> Colocation • Consulting
>
>
> Leo Lundgren wrote:
>
>> Hi,
>>
>> Since the HTTPS site and the HTTPS site should probably be two  
>> different virtual hosts in your configuration (the first one for  
>> HTTP listening on $clientsIp and port 80, and the second one  
>> listening on $clientsIp port 443), I'd start by looking at what is  
>> wrong with the configuration for the HTTP virtual host.
>>
>> When you say "when you *don't* invoke the certificate", I presume  
>> you mean "when you go to http://client.com instead of https://client.com 
>> ", right?
>>
>> It sounds like maybe you have the wrong IP (not the one that  
>> client.com is pointed to in DNS) in the virtual host configuration  
>> for that site, or maybe you haven't correctly set the ServerName  
>> and possibly the ServerAlias. If the latter two doesn't match the  
>> requested domain, then Apache will kindly show respond with the  
>> first/default site, since it doesn't know what else it should do.
>>
>> So in short, start by checking the HTTP vhost, for IP, port,  
>> ServerName and ServerAlias.
>>
>>
>> 22 jul 2009 kl. 03.40 skrev Bob Patin:
>>
>>> As some of you will recall, I had a problem a couple of months  
>>> when trying to add a 2nd SSL cert to a web server.
>>>
>>> Leo properly informed me that I needed to assign the 2nd site to  
>>> its own IP, and that would allow the cert to work... that fixed  
>>> the problem on that web server.
>>>
>>> So today, another client asked me to setup an SSL cert on her  
>>> site, so I bought and installed one (different web server).
>>>
>>> I assigned it to its own IP address, added the IP to the server-- 
>>> no problem. The site responds when you use "https" to invoke the  
>>> cert.
>>>
>>> THE PROBLEM: It doesn't respond when you *don't* invoke the  
>>> certificate; instead, the 1st site in my server config list  
>>> responds.
>>>
>>> What am I missing here? No matter what I try, the site just  
>>> doesn't respond without invoking the certificate.
>>>
>>> Any help would be greatly appreciated; I can't turn this cert on  
>>> now...
>>>
>>> Thanks,
>>>
>>> Bob Patin
>>>
>>>
>>> <new_logo_idea3_120w.jpg>
>>>
>>>
>>>
>>> Longterm Solutions
>>> bob at longtermsolutions.com
>>> 615-333-6858
>>> http://www.longtermsolutions.com
>>> iChat: bobpatin
>>> FileMaker 10 Certified Developer
>>> Member of FileMaker Business Alliance and FileMaker TechNet
>>> --------------------------
>>> FileMaker hosting and consulting for all versions of FileMaker
>>> PHP • Full email services • Free DNS hosting • Colocation •  
>>> Consulting
>>>
>>> _______________________________________________
>>> FX.php_List mailing list
>>> FX.php_List at mail.iviking.org
>>> http://www.iviking.org/mailman/listinfo/fx.php_list
>>
>>
>> -|
>>
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
>
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list



More information about the FX.php_List mailing list