httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lourdes Jones <lour...@ljones.com>
Subject Re: [users@httpd] ******************** Virtual hosting with SSL **************************
Date Mon, 04 Nov 2002 22:54:07 GMT
Hello Ron,

Monday, November 4, 2002, 11:30:37 AM, you wrote:

> I need to host multiple domains on my server.  After reading through the
> docs, I see that Apache will not support SSL if name-based virtual
> hosting is used.

This is a limitation of the https protocol. Negotiation takes place
prior to data exchange (aka before the server can know what name is
being used) so the certificate should match the name of default secure
server for that IP. You can get a two level certificate
(*.domainname.tld) so that as long as the same base domain name is
used, different domains can be hosted and not produce errors in
authentication.

> So it looks like I am forced to used IP-base virtual hosting. Is
> there any way around this?

It's common to set up virtual domains with the format
http://customername.tld and then set up a single master secure
domain (single certificate) with the customer as the machine name
https://customername.certifiedname.tld

If the customer requires https://customername.tld then you will be
needing additional IPs and certificates.

> Also, can I get away with using a single authorized SSL certificate
> for all of my hosted domains or must I purchase a unique certificate
> for each domain.

Certificates can only be shared if the base domain is constant.
Unique certificates require unique IP addresses.

-- 
Best regards,
 Lourdes                            



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message