httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Johnson <...@indietorrent.org>
Subject Re: [users@httpd] Need help with multiple SSL certs + multiple domains
Date Mon, 05 Nov 2012 23:09:11 GMT


On 11/5/2012 4:46 PM, Igor Cicimov wrote:
> 
> On 06/11/2012 6:03 AM, "Phusion" <phusion2k@gmail.com
> <mailto:phusion2k@gmail.com>> wrote:
>>
>> I am in need of some assistance. The server is running Apache
> 2.2.15-15 on Red
>> Hat Enterprise Linux Server 6.3 x86_64. The configuration currently
> has the
>> following which works. We have a wildcard SSL certificate for
> *.domain.com <http://domain.com>. We
>> have all these on one NIC with the same IP address. I need to host a
> website
>> for another domain with that domain having another wildcard SSL
> certificate. I
>> know that I could either make a virtual IP address through aliasing or
> have
>> another NIC with another IP address. Maybe, I need to change to use a
>> combination of name-based virtual hosts and IP-based virtual hosts.
>>
>> Listen 80
>> NameVirtualHost *:80
>> NameVirtualHost *:443
>> <VirtualHost *:80>
>>         ServerName www.domain.com <http://www.domain.com>
>>         Redirect / https://www.domain.com/
>> </VirtualHost>
>> <VirtualHost *:443>
>>         ServerName www.domain.com <http://www.domain.com>
>>         DocumentRoot /data/websites/domain/www
>> </VirtualHost>
>> <VirtualHost *:80>
>>         ServerName beta.domain.com <http://beta.domain.com>
>>         Redirect / https://beta.domain.com/
>> </VirtualHost>
>> <VirtualHost *:443>
>>         ServerName beta.domain.com <http://beta.domain.com>
>>         DocumentRoot /data/websites/domain/beta
>> </VirtualHost>
>> <VirtualHost *:80>
>>         ServerName www.domain.net <http://www.domain.net>
>>         Redirect / https://www.domain.com/
>> </VirtualHost>
>> <VirtualHost *:443>
>>         ServerName www.domain.net <http://www.domain.net>
>>         DocumentRoot /data/websites/domain/www
>>         Redirect / https://www.domain.com/
>> </VirtualHost>
>> <VirtualHost *:80>
>>         ServerName www.mydomain.com <http://www.mydomain.com>
>>         Redirect / https://www.mydomain.com/
>> </VirtualHost>
>> <VirtualHost *:443>
>>         ServerName www.mydomain.com <http://www.mydomain.com>
>>         DocumentRoot /data/websites/domain/www
>>         Redirect / https://www.domain.com/
>> </VirtualHost>
>>
>> The new domain could be called domain2.com <http://domain2.com>.
>>
>> <VirtualHost *:80>
>>         ServerName www.domain2.com <http://www.domain2.com>
>>         Redirect / https://www.domain2.com/
>> </VirtualHost>
>> <VirtualHost *:443>
>>         ServerName www.domain2.com <http://www.domain2.com>
>>         DocumentRoot /data/websites/domain2/www
>> </VirtualHost>
> 
> You can do ssl name virtual hosts starting with SNI support in all
> modern browsers and apache 2.2.12. All you need to do is point each
> virtual host to its wildcard domain cert. If that was the question...

One important caveat regarding Server Name Indication (SNI): any
user-agent (browser, device, etc.) that doesn't implement SNI (IE on
Windows XP, for example) will be directed to the first virtual host that
is defined in your Apache configuration. This could have unwanted or
unintended consequences, so beware... especially if you cannot easily
re-order the entries manually.

-Ben

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message