1
apache2 (2.2.13-2) unstable; urgency=high
3
* The new support for TLS Server Name Indication added in 2.2.12 causes
4
Apache to be stricter about certain misconfigurations involving name
5
based SSL virtual hosts. This may result in Apache refusing to start
6
with the logged error message:
8
Server should be SSL-aware but has no certificate configured
9
[Hint: SSLCertificateFile]
11
Up to 2.2.11, Apache accepted configurations where the necessary SSL
12
configuration statements were included in the first (default)
13
<Virtualhost *:443> block but not in subsequent <Virtualhost *:443>
14
blocks. Starting with 2.2.12, every VirtualHost block used with SSL must
15
contain the SSLEngine, SSLCertificateFile, and SSLCertificateKeyFile
16
directives (SSLCertificateKeyFile is optional in some cases).
18
When you encounter the above problem, the output of the command
20
egrep -ir '^[^#]*(sslcertificate|sslengine|virtualhost)' \
21
/etc/apache2/*conf* /etc/apache2/*enabled
23
may be useful to determine which VirtualHost sections need to be changed.
25
Also, formerly accidentially working constructs like
27
<VirtualHost *:80 *:443>
29
where one virtual host definition is used for both a non-ssl and a ssl
30
virtual host do not work anymore. You can achieve a similar effect with
33
Include /.../vhost.include
37
SSLCertificateFile ...
38
Include /.../vhost.include
41
-- Stefan Fritsch <sf@debian.org> Wed, 16 Sep 2009 20:14:59 +0200
1
43
apache2 (2.2.9-3) unstable; urgency=low
3
45
* The directive "NameVirtualHost *" has been changed to "NameVirtualHost