httpd-modules-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Sl√łgedal <mich...@dots.no>
Subject mod_ssl custom vhost module
Date Thu, 30 Mar 2017 15:20:14 GMT
Hi,

I have a custom vhost module using ap_hook_translate_name and sql lookup. This is enabled
through a single VirtualHost section in config.

Now I need to add ssl certificates with SNI on selected sites / domains. What's the best way
to go about this?

I looked a little on the mod_ssl source code, and it seems it does a lot of preprocessing
on config stage, and relies on a combination of VirtualHost and ServerName / Alias directives.
I suppose this means that mod_ssl wouldn't work with grabbing certificates based on a path
stored in sql on-the-fly.

So, what's the best way to approach this?

Do I hook into config processing In my vhost module and generate "fake" virtualhost entries
based on database data? The minus here is I can't make changes in db without reloading httpd
config.

Or, do I edit mod_ssl to check sql in addition to virtualhosts, and read / prepare a certificate
context on the fly? Maybe cache these for next time the same domain is requested?

Or something completely different ? :)

To sum up:

Database Table (Domain varchar, DocumentRoot varchar, CertificatePath varchar, KeyPath varchar)

No <VirtualHost> section per domain/site.

Need my mod_custom_vhost or mod_ssl to check this table for certificates and add to list processed
by mod_ssl during SNI.

--
Best regards,

Michael


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message