Multiple SSL Virtual Hosts on Apache2

Support for webhosts that use CentOS
Post Reply
FORESTHUS
Posts: 3
Joined: 2005/07/24 10:39:00

Multiple SSL Virtual Hosts on Apache2

Post by FORESTHUS » 2005/10/20 11:28:05

Hi,

I am trying to build an Apache 2.0.54 with SSL. All works fine, but when I´m trying to create VirtualHosts.

How do I configure 2 different https-domains with 2 different crt, csr and key???

This was my suggestion but only the first certi is used. What is wrong???

...

NameVirtualHost 192.168.110.1:443


DocumentRoot /www/serendipity
ServerName blog.example.de

allow from all
Options +Indexes
SSLRequireSSL

SSLEngine on
SSLCertificateFile /usr/local/http-2.0.54_ssl/conf/ssl.crt/blog_example_de.crt
SSLCertificateKeyFile /usr/local/http-2.0.54_ssl/conf/ssl.key/blog_example_de.key

ErrorLog /var/log/httpd/blog_example_de/blog_example_de-SSL_error_log
CustomLog /var/log/httpd/blog_example_de/blog_example_de-SSL_access_log common



DocumentRoot /home/ssc/www
ServerName ssc.example.de

allow from all
Options +Indexes
SSLRequireSSL

SSLEngine on
SSLCertificateFile /usr/local/http-2.0.54_ssl/conf/ssl.crt/ssc_example_de.crt
SSLCertificateKeyFile /usr/local/http-2.0.54_ssl/conf/ssl.key/ssc_example_de.key

ErrorLog /var/log/httpd/ssc_example_de/ssc_example_de-SSL_error_log
CustomLog /var/log/httpd/ssc_example_de/ssc_example_de-SSL_access_log common


...

:-?

BremenSaki
Posts: 1
Joined: 2005/10/21 10:30:07
Contact:

Re: Multiple SSL Virtual Hosts on Apache2

Post by BremenSaki » 2005/10/21 10:36:36

In a nutshell - it's impossible. It can't be done, unless you have more than one IP address.

The reason is that each SSL certificate is allocated to a hostname. When an SSL connection is started, the first thing that's done is the certificate checks. The client compares the host named on the cert to the hostname it's connected to.

The problem is due to the fact that the virtual host name request is transmitted by the cient AFTER the certificate stuff is all over and done with. Basically, by the time the server has any clue that a different virtual host is being requested, it's too late. The SSL session is already up and running.

I've probably explained this badly. Someone else may do a better job. :)

FORESTHUS
Posts: 3
Joined: 2005/07/24 10:39:00

Re: Multiple SSL Virtual Hosts on Apache2

Post by FORESTHUS » 2005/10/24 10:20:55

thanx a lot.

found it in my book.

If someone needs two cert for one apache you need 2 ip´s and than it works.

:-D

Wide
Posts: 1
Joined: 2005/11/18 17:58:04

Re: Multiple SSL Virtual Hosts on Apache2

Post by Wide » 2005/11/18 18:02:22

I came across this in my travels, it may help.
I have not yet tried it.


[url=http://www-uxsup.csx.cam.ac.uk/~jw35/courses/using_https/html/x571.html]Virtual hosts and HTTPS[/url]



:-D

danov
Posts: 1
Joined: 2006/01/20 20:06:59

Re: Multiple SSL Virtual Hosts on Apache2

Post by danov » 2006/01/20 20:11:39

it can be achieved by running virtual host on two differents ports for example: 443 and 444, for each ip, port pair you can use different ssl certificate

Post Reply

Return to “CentOS 4 - Webhosting Support”