diff options
| author | Dirk-Willem van Gulik <dirkx@apache.org> | 2008-02-11 23:11:41 +0100 |
|---|---|---|
| committer | Dirk-Willem van Gulik <dirkx@apache.org> | 2008-02-11 23:11:41 +0100 |
| commit | 769c432909a7cf64f3f9d1283e2cc190cf968f17 (patch) | |
| tree | c3f944da4c9758767774c484e5d3f3188ee59d8a /test/make_sni.sh | |
| parent | Addition of a test script which creates a Sample/test configuration for insta... (diff) | |
| download | apache2-769c432909a7cf64f3f9d1283e2cc190cf968f17.tar.xz apache2-769c432909a7cf64f3f9d1283e2cc190cf968f17.zip | |
Clarify the text a little and use the vhost terminology.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@620635 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'test/make_sni.sh')
| -rw-r--r-- | test/make_sni.sh | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/test/make_sni.sh b/test/make_sni.sh index fcf1d6c5b6..f9ad6d348c 100644 --- a/test/make_sni.sh +++ b/test/make_sni.sh @@ -28,11 +28,11 @@ NAMES=${NAMES:-ape nut pear apple banana} args=`getopt fd:D: $*` if [ $? != 0 ]; then - echo "Syntax: $0 [-f] [-d outdir] [-D domain ] [two or more server names ]" + echo "Syntax: $0 [-f] [-d outdir] [-D domain ] [two or more vhost names ]" echo " -f Force overwriting of outdir (default is $DIR)" echo " -d dir Directory to create the SNI test server in (default is $DIR)" echo " -D domain Domain name to use for this test (default is $DOMAIN)" - echo " [names] List of optional server names (default is $NAMES)" + echo " [names] List of optional vhost names (default is $NAMES)" echo echo "Example:" echo " $0 -D SecureBlogsAreUs.com peter fred mary jane ardy" @@ -59,7 +59,7 @@ do done if [ $# = 1 ]; then - echo "Aborted - just specifing one servername makes no sense for SNI testing. Go wild !" + echo "Aborted - just specifing one vhost makes no sense for SNI testing. Go wild !" exit 1 fi @@ -224,23 +224,26 @@ server against it with .../httpd -f ${DIR}/httpd-sni.conf -and keep an eye on ${DIR}/logs/... Note that you will see an entries -like +and keep an eye on ${DIR}/logs/... When everything +is fine you will see an entries like: Feb 11 16:12:26 2008] [debug] Init: SSL server IP/port overlap: ape.*:443 (httpd-sni.conf:24) vs. jane.*:443 (httpd-sni.conf:42) -and a concluding warning +for each vhost configured and a concluding warning: + [Mon Feb 11 16:12:26 2008] [warn] Init: Name-based SSL virtual hosts only work for clients with TLS server name indication support (RFC 4366) -If you see an entry like +HOWEVER - If you see an entry like [Mon Feb 11 15:41:41 2008] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!! -then you are either using an OpenSSL which is too old, or you need to ensure that the -TLS Extensions are compiled into openssl with the 'enable-tlsext' flag. +then you are either using an OpenSSL which is too old and/or you need to ensure that the +TLS Extensions are compiled into openssl with the 'enable-tlsext' flag. Once you have +recompiled or reinstalled OpenSSL with TLS Extensions you will have to recompile mod_ssl +to allow it to recognize SNI support. Meanwhile add 'hosts' to your c:\windows\system32\drivers\etc\hosts or /etc/hosts file as to point the various URL's to your server: |