The Apache Haus Forum

Advanced search  


Welcome to Apache Haus Distribution Forum

Sorry Guest, you are banned from posting and sending personal messages on this forum.
Error: S4296
This ban is not set to expire.
Pages: [1]   Go Down

Author Topic: Multiple SSL vhost  (Read 4068 times)


  • Newbie
  • *
  • Offline Offline
  • Posts: 33
Multiple SSL vhost
« on: February 24, 2011, 02:24:42 PM »

has anyone success using it in windows?  ;D

i still can't use it .. seem it says my apache not support.. or something like that.

i'm using

- Apache 2.2.17 ( VC6 from official website )
- mod ssl that provide by them
- i also try the new one 1.0.0.d but it's not working

( it's only read the first vhost ssl )  ::)

any one have a clue ?


  • Jr. Member
  • **
  • Offline Offline
  • Posts: 72
Re: Multiple SSL vhost
« Reply #1 on: February 24, 2011, 03:37:05 PM »

I guess you mean "multiple ssl vhosts using same address and port".

It "just works" if your certificate covers all used hostnames (either it's wildcard one like "*", or it is for multiple names).

If you need to use multiple separate certificates, you must have Apache and OpenSSL with SNI support. I don't know if ASF release has it enabled. But even if it has, it's still problematic, because no IE version on XP supports it and there are still too many of them being used.


  • Administrator
  • Member Elite
  • *****
  • Offline Offline
  • Posts: 849
Re: Multiple SSL vhost
« Reply #2 on: February 24, 2011, 07:32:50 PM »

As far as I know ASF's are SNI ... I do not think Bill disables SNI when he builds OpenSSL.


  • Newbie
  • *
  • Offline Offline
  • Posts: 33
Re: Multiple SSL vhost
« Reply #3 on: February 25, 2011, 04:46:43 AM »

My Mistake  ;D

 actually it does work with a few condition  ;D

Test on

Apache ( apache build ) vc6
PHP 5.2.17 ( php build ) vc6
openssl 1.0.0.d ( gregg build ) vc6

when you set

SSLStrictSNIVHostCheck off

https will work with all browser but it will use the first certificate it found



it will only you certificate.

if you set

SSLStrictSNIVHostCheck on

it will redirect unsupported client to 403 error

and supported one will use the correct vhost certificate


before this i test it using chromeplus ( i didnt realized that the code is not using chrome 6++ ) instead of chromium 4 *sigh* thats why it only use the first cert it found :)

Pages: [1]   Go Up

Sitemap 1 2 3 4 5 6 7 8 9 10 11 12 13