Why does this matter to us? Because this server hosts various sites, and their TLS cert doesn't match or there isn't a vhost config for them.
e.g bbcmicro.co.uk; if a user just types that into the address bar (at least with chrome) then it gives the cert mismatch error page:
If I click through then I get the stardot home page and not bbcmicro.co.uk
Obviously the site works with http:// but that's not what chrome defaults to any more.
And although it may not matter today, but some newer browser functionality is only available with https; https://www.digicert.com/blog/https-onl ... n-browsers
It's probably worth getting https fully working with virtual hosts. Apache can handle this easily enough; you can specify the cert values in the vhost config.
eg
Code: Select all
<VirtualHost *:443>
ServerName foo.bar
SSLCertificateFile ...path_to_cert_for_foo.bar
SSLCertificateKeyFile ...path_to_keyfile_for_foo.bar
SSLCertificateChainFile ...path_to_intermediate_chain_for_CA
...
</VirtualHost>