httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Serge Fonville <serge.fonvi...@gmail.com>
Subject Re: [users@httpd] Dynamic SSL
Date Wed, 31 Dec 2014 19:49:32 GMT
Hi,

1 virtualhost that can have many domain names accessing it. It should use
SSL engine and each domain should have it's own SSL certificate.

I've already got the non-ssl version setup.

So my initial thoughts are this might be possible with a pipe and an
executable or using variables for the accessing domain.

Now, I figure someone has wanted to do this in the past, there are so many
good reasons why someone would do this. So if it's not been done, The only
thing I could think that would prevent this from working would be that
perhaps apache was loading the cert and info on startup making it very
difficult to change the info on the fly.


Perhaps you need to read in how SSL works :-)
That said, I'd check:
https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
https://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-using-sni.htm

Good luck!

Kind regards/met vriendelijke groet,

Serge Fonville

http://www.sergefonville.nl

2014-12-31 20:31 GMT+01:00 Greg <gregborbonus@gmail.com>:

> Hi guys,
>
> I'm sure this has been asked before, but I'm unable to find much.
>
> I'm attempting to make one virtualhost that is basically a wildcard setup.
> they all share the same docroot and such, but the domain names can be
> different.
>
> I have considered making a new virtualhost per domain, but there are
> reasons I would prefer to make the system not need such a thing.
>
> The goal:
>
> 1 virtualhost that can have many domain names accessing it. It should use
> SSL engine and each domain should have it's own SSL certificate.
>
> I've already got the non-ssl version setup.
>
> So my initial thoughts are this might be possible with a pipe and an
> executable or using variables for the accessing domain.
>
> Now, I figure someone has wanted to do this in the past, there are so many
> good reasons why someone would do this. So if it's not been done, The only
> thing I could think that would prevent this from working would be that
> perhaps apache was loading the cert and info on startup making it very
> difficult to change the info on the fly.
>
> Any thoughts?
>
> --
> Thank you,
> Greg Borbonus
> *Nix Server administrator
> 832-699-0461
> http://www.linkedin.com/in/gregborbonus/
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

Mime
View raw message