mod_gnutls: NameVirtualHost gets wrong Cert

Charley Collins charley.internet at collins.ch
Fri Oct 10 09:16:24 CEST 2008


Hi

Everything works fine, if I have only one virtual host.
If I configure a second one and go with a browser to the first site, I  
come in trouble:
On Firefox it works well. With IE7 the browser get the right site but  
the wrong certificate, this one of the second configured site! I t  
looks like the VirtualName service is not working in mod_gnutls.

I hope someone can help me...
Pleas check my configuration above:

Linux Centos 5.2
http: 2.2.3-11
mod_gnutls: 0.2.0-1
gnutls: 1.4.1-3

I found only this old version for centos binary.
I tried compiling the actual version from source, but it ends apache  
without any message or errormessage...


Configuration

mod_gnutls.conf:

LoadModule gnutls_module modules/libmod_gnutls.so
AddType application/x-x509-ca-cert .crt
GnuTLSCache dbm "/var/cache/mod_gnutls_cache"
GnuTLSCacheTimeout 300
Listen 195.2.228.126:443
NameVirtualHost 195.2.228.126:443
Include /etc/httpd/conf/sslvhosts/*.conf

/etc/httpd/conf/sslvhosts/shop.moon-shop.com.conf: (Works fine, if  
only this file exists in sslvhosts)

<VirtualHost 195.2.228.126:443>
         ServerAdmin ###@#####.###     # anti spam
         GnuTLSEnable on
         GnuTLSCertificateFile /etc/httpd/ssl/shop.moon-shop.com.crt
         GnuTLSKeyFile /etc/httpd/ssl/shop.moon-shop.com.key
         #GnuTLSPriorities NORMAL
         DocumentRoot /var/www/shop.moon-shop.com/htdocs/joomla
         ServerName shop.moon-shop.com
         DirectoryIndex index.php
         ErrorLog /var/www/shop.moon-shop.com/log/ssl_error.log
         CustomLog /var/www/shop.moon-shop.com/log/ssl_access.log common
         AddType application/x-httpd-php .php
         #php_admin_flag safe_mode On
         php_admin_value file_uploads 1
         php_admin_value upload_tmp_dir /var/www/shop.moon-shop.com/ 
phptmp/
         php_admin_value session.save_path /var/www/shop.moon-shop.com/ 
phptmp/
         AddType text/html .shtml
         AddOutputFilter INCLUDES .shtml
</VirtualHost>

/etc/httpd/conf/sslvhosts/customer.moon-shop.com.conf: (cert of this  
conf will be deliered in shop if this file exists)

<VirtualHost 195.2.228.126:443>
         ServerAdmin ###@#####.###     # anti spam
         GnuTLSEnable on
         GnuTLSCertificateFile /etc/httpd/ssl/customer.moon-shop.com.crt
         GnuTLSKeyFile /etc/httpd/ssl/customer.moon-shop.com.key
         DocumentRoot /var/turbogears/turbotest
         ServerName customer.moon-shop.com:443
         ErrorLog /var/log/httpd/ssl_error-test.log
         CustomLog /var/log/httpd/ssl_access-test.log common
</VirtualHost>

Thank you for your help

Kind Regards
Charley





More information about the Gnutls-devel mailing list