Thanks Nathan.  That didn't make a change but it was worth a try.  What version of IBM i are you on (7.4 TR2 here)

Pete Helgren
GIAC Secure Software Programmer-Java
AWS Certified Cloud Practitioner
Twitter - Sys_i_Geek IBM_i_Geek

On 4/1/2021 5:25 PM, Nathan Andelin wrote:

My HTTP configuration is very similar to yours; hosting multiple SSL sites.

I use an IP address assigned by my ISP rather than * on the VirtualHost
I don't use the SSLServerCert, nor the ProxyPreserveHost directives.

I don't know if it will make a difference, but thought it might be worth a


On Thu, Apr 1, 2021 at 2:01 PM Pete Helgren <pete@xxxxxxxxxx> wrote: most of what I needed working on the HTTP server once I
updated PHP, so I added back my SSL certs through DCM. I have 6
vhosts, 3 of which use SSL. These all worked on my 7.2 box. I grabbed
the http.conf files because it worked so well and I didn't want to lose
the config that worked. It no longer does.

What I discovered a few years back that if you want to use SSL in
virtual host configurations, the secret was using these directives (in
my reverse proxy):

<VirtualHost *:443>

SSLEngine On
SSLAppName QIBM_HTTP_SERVER_WEBSITE (From SSL config and assigning
certificate to application)
SSLProtocolDisable SSLv2 SSLv3
SSLServerCert "website" (Actual name of certificate label in DCM)

ProxyPreserveHost on

ProxyPass /
ProxyPassReverse /


So, I have three of these and they have identical formats except for the
names and the proxy redirects. So, the SSL is fine on website 1. I get
a "Your connection is not private" error on website 2 because it picks
up the cert from website 1. Website 3 is fine.

So, I thought maybe there is something wrong with the certificate. So I
swapped website 1 and 2 in the listing order. Now the original 2nd
website is listed first. Now the "website 2" that is the first vhost
entry is fine but number 1 is in error, complaining this time the
certificate for website 2 (listed first now) is incorrect. It doesn't
seem to be honoring the SSLAppName or SSLServerCert on the second vhost.
Website 3 is still fine.

It is only those two SSL virtual hosts that have this issue. AND, they
were working before. The third website works fine regardless of the
order the virtual host entries are in. Weirder still, even if I get the
error on the cert on the website, I can go to
and test the certificate and it returns the correct certificate for the
correct website and an "A" rating.

Anyone seen this before? I am stumped.....

Pete Helgren
GIAC Secure Software Programmer-Java
AWS Certified Cloud Practitioner
Twitter - Sys_i_Geek IBM_i_Geek

This is the Web Enabling the IBM i (AS/400 and iSeries) (WEB400) mailing
To post a message email: WEB400@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
or email: WEB400-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives

As an Amazon Associate we earn from qualifying purchases.

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2021 by and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.