[Modules] mod_gnutls and domains without its settings

Simon Josefsson simon at josefsson.org
Tue Aug 3 04:43:03 EDT 2010


Davide Mirtillo <davide at ser-tec.org> writes:

> Hello, i'm using mod_gnutls on a debian lenny install, the packages of
> apache and mod_gnutls itself are the ones included in the stable
> repository. I have a quite a bit of domains set up on the same machine,
> all of them are simple virtual hosts, since the software i'm using to
> manage the hosting enviroment has created them that way (ispcp omega).
> I have a couple of domains, among the ones i'm hosting, that require an
> https connection and i managed to set them up correctly creating
> additional virtual hosts that utilize the mod_gnutls module.
> This is the howto i followed to get ssl to work on those domains:
> http://isp-control.net/documentation/howto:multiple_ssl_certificates_on_a_single_ip_port_using_mod_gnutls
>
> I'm having a strange issue, though. If i try to visit a domain that has
> no virtual host entry for the https connection, apache is displaying the
> site with the ssl certificate of the first domain i specified on the ssl
> virtualhost config file.
>
> Is there any way i can stop this behaviour? I thought about adding a
> permanent redirect on every domain that does not have a ssl vhost, but
> i'd rather see what other options i have before doing that.

I don't know how to solve this, but how does mod_ssl handle this?
Assuming mod_ssl supports SNI at all, that is, I know it didn't for a
long time but maybe that has changed.

/Simon


More information about the Modules mailing list