> Can someone give me an example config for a virtual host with SSL support
> using mod_ssl in this format:

> <VirtualHost somehost.domain.com>
>     ServerAdmin admin@domain.com
>     DocumentRoot /htdocs/somehost/
>     ServerName somehost.domain.com
>     ErrorLog logs/somehost-error_log
>     CustomLog logs/somehost-access_log common
> </VirtualHost>

SSL is IP-based; that is, the SSL key exchange happens before the HTTP headers
are transmitted.  Thus, your SSL host needs to be on a single IP address unique
to itself.  (I suppose you could run other non-SSL sites on the same IP using
name-based VirtualHosting though.)

The SSL stuff will refuse to run/load unless you have specified the keys/cert-
ificates, etc. for that SSL site.  This caused me a fair bit of grief until
I figured it out.

> Also, if anyone knows of a place to read some documentation on the subject
> I would be interested in that as well.

The documentation was not that great for the SSL support.  Here is a config-
uration from a system of mine with SSL.  Things have been changed to protect
the guilty:

<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
</IfDefine>

<IfModule mod_ssl.c>
SSLPassPhraseDialog  builtin
SSLSessionCache         shm:/var/cache/ssl_scache(512000)
SSLSessionCacheTimeout  300
SSLMutex  file:/var/run/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLLog      logs/ssl_engine_log
SSLLogLevel warn
</IfModule>

<IfDefine SSL>

<VirtualHost 1.62.83.124:443>
        ServerAdmin asdf@ockers.net
        DocumentRoot "/home/httpd/html/asdf"
        SSLEngine on
        SSLCertificateFile    /etc/httpd/conf/ssl.crt/asdf.crt
        SSLCertificateKeyFile /etc/httpd/conf/ssl.key/asdf.key
        ServerName asdf.ockers.net
</VirtualHost>

<VirtualHost _default_:443>
DocumentRoot /home/httpd/html
ServerName default.host.name
ServerAdmin ockers@ockers.net
ErrorLog /var/log/httpd/error_log-ssl
TransferLog /var/log/httpd/access_log-ssl
SSLEngine on
SSLCertificateFile    /etc/httpd/conf/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
</VirtualHost>

</IfDefine>

--
Jim Ockers (ockers@ockers.net)                     Ask me about Linux!
Contact info: please see http://www.ockers.net/

Fight Spam! Join CAUCE (Coalition Against Unsolicited Commercial Email)
at http://www.cauce.org/ .