On Sun, 25 Dec 2016, at 12:24 PM, Olivier wrote: > Hello all, > > I would like to know, what is the best practice to manage multilple https > servers with httpd. I installed 2 certificates for both hostname below: > > _ daenerys.burelli.fr > _ cloud.burelli.fr > > I would like to redirect all request for: > > _ http://daenerys.burelli.fr to https://cloud.burelli.fr → OK > _ http://cloud.burelli.fr to https://cloud.burelli.fr:444 → > KO - however the certificate is ok when I try to reach directly > https://cloud.burelli.fr:444 > > I would like to avoid to obtain the followings message for second https > server: SSL_ERROR_BAD_CERT_DOMAIN (The certificate is only valid for the > following names: daenerys.burelli.fr, www.daenerys.burelli.fr) > > Part of my httpd.conf: > > server "daenerys.burelli.fr" { > listen on $ext_addr port 80 > block return 301 "https://$SERVER_NAME$REQUEST_URI"; > } > > server "daenerys.burelli.fr" { > alias "www.burelli.fr" > listen on $ext_addr tls port 443 > (…) > } > > server "cloud.burelli.fr" { > listen on $ext_addr port 80 > block return 301 "https://cloud.burelli.fr:444/$REQUEST_URI"; > } > > server "cloud.burelli.fr" { > listen on $ext_addr tls port 444 > (…) > } > > I tried also with: block return 301 https://$SERVER_NAME:444$REQUEST_URI > or > block return 301 https://cloud.burelli.fr:444$REQUEST_URI > > What is the right way to rewrite the URL? > > Thanks in advance for your help and support. > > Olivier. >
Seems like httpd is using the first cert for both domains. Are you using the "tls certificate *file*" option?
