Home
Certification Preparation
LPI, Red Hat & Linux Foundation
Apache Name Based Secure Virtual Hosts with different certificates
Bodanel
Anyone has a hint about how to do this? Ive tried several google solutions without success.
Thks
Find more posts tagged with
Comments
lordy
Where exactly are you stuck? It shouldn't be much more difficult than a plain HTTP virtual host. Something like:
<VirtualHost 1.2.3.4:443>
DocumentRoot /var/www/secure
SSLEngine on
SSLCertificateFile /etc/ssl/certs/...
SSLCertficateKeyFile /etc/ssl/private/...
</VirtualHost>
Bodanel
It's the same but if you have only 1 ip address it always points to the first vhost, which is the default one.
lordy
Yes, that's because of the way how HTTPS works.
The encryption is established before any request is sent so the server can not know which V-Host you were trying to reach. That information would be transmitted in the request which needs to be encrypted. Therefore you need one IP address per SSL-Certificate that you want to use. As IPv4 addresses are getting rare there is an idea called SAN (Subject Alternative Name) that allows you to put multiple hostnames into one certificate so that virtual hosting is possible even with SSL (to some extend).
Bodanel
The next best thing that i've found is here
NameBasedSSLVHostsWithSNI - Httpd Wiki
but i didnt manage to implement it.
In the end I've used the same certificate for all vhosts.
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
