sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sks-devel] Question: serving two different SSL certificates under Apach

From: John Zaitseff
Subject: [Sks-devel] Question: serving two different SSL certificates under Apache?
Date: Mon, 2 Jun 2014 06:05:50 +1000
User-agent: Mutt/1.5.21 (2010-09-15) 
Hi,

I am setting up https://keyserver.zap.org.au/ to be used by
hkps.pool.sks-keyservers.net.  I am trying to serve different SSL
certificates depending on the incoming hostname.  Does anyone know
if this is possible within the SAME VirtualHost configuration block
under Apache?

My current configuration includes:

  <VirtualHost *:11372 *:443>
      ServerAdmin address@hidden
      ServerName keyserver.zap.org.au
      ServerAlias *.sks-keyservers.net

      SSLEngine on

      # Only allow secure ciphers and protocols: SSLv3 and TLSv1
      SSLCipherSuite HIGH:MEDIUM:!ADH
      SSLProtocol all -SSLv2

      SSLCertificateFile /etc/ssl/certs/keyserver.pem
      SSLCertificateKeyFile /etc/ssl/private/keyserver.pem
      SSLCACertificateFile /etc/ssl/certs/ZAP_Group_CA_Root.pem

      <Proxy *>
          Order allow,deny
          Allow from all
      </Proxy>

      ProxyPass / http://127.0.0.1:11371/
      ProxyPassReverse / http://127.0.0.1:11371/
      ProxyVia On

      SetEnv proxy-nokeepalive 1

      ...
  </VirtualHost>

I know I can create a second VirtualHost block with
SSLCertificateFile, SSLCertificateKeyFile and SSLCACertificateFile
pointing to the sks-keyservers.net-generated certificates, but is it
possible to do this within the SAME VirtualHost block, based on
environment variables, etc.?

Yours truly,

John Zaitseff

--
John Zaitseff                    ,--_|\    The ZAP Group
Phone:  +61 2 9643 7737         /      \   Sydney, Australia
E-mail: address@hidden   \_,--._*   http://www.zap.org.au/
                                      v
reply via email to
[Prev in Thread] Current Thread [Next in Thread]