On 3 February 2014 12:05, Stuart Bailey stuart@linusoft.co.uk wrote:
However, if I try to access any non-SSL site using HTTPS, I get directed to the SSL site.
The "problem" with https is that the "conversation" between the browser and the server is encrypted.
For http, the browser connects to the server's IP address and asks for www.nonsslsite.com. But for https the browser cannot ask for www.nonsslsite.com until it has established the encrypted connection, so at that point in the conversation Apache does not (and cannot) know which site the browser is trying to access. It will establish the connection using the credentials of the only SSL site you have (and indeed you can only have one per IP address, unlike http where you can have multiple virtual hosts sharing one IP address).
I suspect your only solution may be to have an extra IP address, which is allocated to your SSL site, so that it is kept separate. If there is a more elegant solution I'd like to hear about it.
There is a Server Name extension to TLS which may help you but I'm out of my depth there...