mod_gnutls: NameVirtualHost gets wrong Cert

Charley Collins charley.internet at
Wed Oct 15 22:19:59 CEST 2008

Thank you for your answers.

IE7, Firfox and Opera 8 support Server Name Indication, but I did not 
know that IE7 on Xp does NOT support Server Name Indication. This was my 


Daniel Kahn Gillmor schrieb:
> On Wed 2008-10-15 04:59:39 -0400, Sebastien Decugis wrote:
>> According to your configuration file, you are using two virtualhosts
>> with the same IP address and different names. It is impossible to
>> use https in this configuration.
> This is no longer the case with modern TLS clients, and the poster has
> a legitimate question.  For example, for years now people have been
> able to use a single certificate with a single TLS service (on a
> single port of a single IP address) with all target names listed in an
> X.509v3 SubjectAltName extension in the certificate itself.
> But the OP is asking about being able to switch certificates based on
> the host name, which is a TLS extension known as "Server Name
> Indication".  Please see:
> The question is very much relevant to gnutls, since mod_gnutls is one
> of the first apache modules to implement support for this extension.
> Sorry i don't have any answers myself!
>    --dkg

More information about the Gnutls-devel mailing list