Ah, so SNI is dependent on the operating system, not the version of Apache HTTPD installed?
I had read about SNI and understood the basics of it, but assumed that it was a function of HTTPD version rather than older OS version. Thanks for your help. David On Wed, Aug 29, 2018 at 11:00 AM, Jonathan Sélea <jonat...@selea.se> wrote: > I am very sure that this has to do with the fact that older machines > simply does not have support for SNI. > > > On 2018-08-29 16:28, David Rush wrote: > >> I'm running httpd 2.4.12 on Windows Server 2003. >> >> We have things set up and working with http and https using the >> primary host name (fully qualified). >> >> We need for a different domain (same hostname) to work with https. >> >> These both need to work: >> >> https://myhost.domain1.org - this works fine >> >> https://myhost.domain2.org - I can't get this to work >> >> I have certificates (and key files) for both domains (the first being >> unique to the FQDN, the second being a wildcard for *.domain2.org >> [1]). >> >> I have <VirtualHost *:443> blocks set up with ServerName >> myhost.domain1.org [2] in one, and ServerName myhost.domain2.org [3] >> in the other. Each specifies its proper cert and key files, and >> unique DocumentRoot locations. >> >> httpd.exe -S clearly indicates both VirtualHosts found, no errors (no >> errors from httpd.exe -t, either). >> >> It appears that the first certificate is always being served >> regardless of which host name is used in the browser. Also, the 2nd >> (domain2.org [1]) config has a different DocumentRoot, but when I tell >> the browser to ignore the security warnings I'm being delivered >> content from the domain1.org [4] DocumentRoot. >> >> Help! >> >> David >> >> E-Mail to and from me, in connection with the transaction >> of public business, is subject to the Wyoming Public Records >> Act and may be disclosed to third parties. >> >> >> Links: >> ------ >> [1] http://domain2.org >> [2] http://myhost.domain1.org >> [3] http://myhost.domain2.org >> [4] http://domain1.org >> > > -- > Jonathan Sélea > > PGP Key: 0x8B35B3C894B964DD > Fingerprint: 4AF2 10DE 996B 673C 0FD8 AFA0 8B35 B3C8 94B9 64DD > https://jonathanselea.se > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- E-Mail to and from me, in connection with the transaction of public business, is subject to the Wyoming Public Records Act and may be disclosed to third parties.
