[Modules] mod_gnutls and domains without its settings

Davide Mirtillo davide at ser-tec.org
Tue Aug 3 04:56:28 EDT 2010


On Tue, Aug 3, 2010 at 10:43 AM, Simon Josefsson <simon at josefsson.org> wrote:
> Davide Mirtillo <davide at ser-tec.org> writes:
>> I'm having a strange issue, though. If i try to visit a domain that has
>> no virtual host entry for the https connection, apache is displaying the
>> site with the ssl certificate of the first domain i specified on the ssl
>> virtualhost config file.
>>
>> Is there any way i can stop this behaviour? I thought about adding a
>> permanent redirect on every domain that does not have a ssl vhost, but
>> i'd rather see what other options i have before doing that.
>
> I don't know how to solve this, but how does mod_ssl handle this?
> Assuming mod_ssl supports SNI at all, that is, I know it didn't for a
> long time but maybe that has changed.
>

I think SNI has been introduced for mod_ssl into newer packages, (i.e.
in the testing/unstable repos) but running a mixed debian system could
be troublesome in a production enviroment. I haven't tried mod_ssl
because of that. I don't know if this issue is caused by my mod_gnutls
config or if it's an error on my apache config. Am i supposed to
declare a corresponding https virtual host for every plain http one?

-- 
Davide Mirtillo


More information about the Modules mailing list