httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Eissing <stefan.eiss...@greenbytes.de>
Subject Re: [users@httpd] SNI SSL per domain?
Date Wed, 03 Feb 2016 10:54:21 GMT
common.conf:

<Locationwhatever...
...
...
---------------------------

<VirtualHost *:443>
  ServerName foo.tld

  SSLCertificateFile foo.pem

  Include common.con
</VirtualHost>
<VirtualHost *:443>
  ServerName bar.tld

  SSLCertificateFile bar.pem

  Include common.con
</VirtualHost>


> Am 03.02.2016 um 11:45 schrieb Felipe Gasper <felipe@felipegasper.com>:
> 
> What if I have a vhost with:
> 
> ServerName foo.tld
> ServerAlias bar.tld
> 
> … but I have two separate SSL certificates for these domains? Is there any way to accommodate
this without either splitting the domains onto separate vhosts or buying a new certificate
that covers both domains?
> 
> -FG
> 
> On 3 Feb 2016 12:26 AM, William A Rowe Jr wrote:
>> Sounds like you have mis-structured the config.  Per servername - each
>> can and should have its own cert and will be selected via SNI.  If there
>> are subadmins beneath each vhost section #include those snippets and
>> they all still fall within the given host name.
>> 
>> On Feb 1, 2016 11:21 AM, "Felipe Gasper" <felipe@felipegasper.com
>> <mailto:felipe@felipegasper.com>> wrote:
>> 
>>    On 1 Feb 2016 12:16 PM, Oscar Knorn wrote:
>> 
>>        On 2016/02/01 Felipe Gasper wrote:
>> 
>>            Hello,
>> 
>>                  Is it possible to do SNI SSL per domain rather than
>>            per vhost? If
>>            not, is there a feature request in for this?
>> 
>>                  Thank you!
>> 
>>            -Felipe Gasper
>>            Houston, TX
>> 
>>            ---------------------------------------------------------------------
>>            To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>            <mailto:users-unsubscribe@httpd.apache.org>
>>            For additional commands, e-mail: users-help@httpd.apache.org
>>            <mailto:users-help@httpd.apache.org>
>> 
>> 
>> 
>>        Hello Felipe,
>> 
>>        are'nt in your configuration the domains organized in vhost sections
>>        yet? Do you think, there might be a reason you can't organize
>>        them that way?
>> 
>>        Cheers Oscar
>> 
>> 
>>    Hi Oscar,
>> 
>>    Thanks for responding!
>> 
>>    We have end users customizing their own vhost configurations via a
>>    limited-access interface; hence, I can’t put one domain per vhost.
>> 
>>    -F
>> 
>>    ---------------------------------------------------------------------
>>    To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>>    <mailto:users-unsubscribe@httpd.apache.org>
>>    For additional commands, e-mail: users-help@httpd.apache.org
>>    <mailto:users-help@httpd.apache.org>
>> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message