Apache & VirtualHost SSL with a wildcard or multiple-site server certificate
Apache (1.3, 2.0 or 2.2) requires advanced settings in order to run SSL with several sites names, whether with a Wildcard or with a multiple-site certificate. This configuration is not clearly explained in the official documentation.Ports listening
You need to indicate which IP address and which port the server has to listen. The virtual host has to be declared as well. Enter the same thing into the 2 instructions. Example:Listen 213.186.35.102:443 NameVirtualHost 213.186.35.102:443If you are IPv6-compatible:
Listen [2001:41D0:1:266::1]:443 NameVirtualHost [2001:41D0:1:266::1]:443
Sites declaration
You can declare as may sites as you want to. First of all use the virtualhost declaration:<VirtualHost 213.186.35.102:443 >or, with IPv6
<VirtualHost 213.186.35.102:443 [2001:41D0:1:266::1]:443 >Inside, place the keyword ServerName that will identify the site's name, and one or several ServerAlias
Finally, enter the SSL instructions
SSLEngine on SSLCertificateFile conf/ssl.crt/cert-1138-8747.cer SSLCertificateKeyFile conf/ssl.key/wild.cert.com.2006.key SSLCertificateChainFile conf/ssl.crt/chain-1138-8747.txt SSLVerifyClient noneThen the other VirtualHost instructions.
You can then define as many VirtualHost as needed.
Example of a minimum configuration
<VirtualHost _default_:443> DocumentRoot /var/www/html ErrorLog logs/ssl-error_log TransferLog logs/ssl-access_log SSLEngine on # 128-bit mini anti-beast #SSLCipherSuite !EDH:!ADH:!DSS:!RC2:RC4-SHA:RC4-MD5:HIGH:MEDIUM:+AES128:+3DES # 128-bit mini PFS favored #SSLCipherSuite !EDH:!ADH:!DSS:!RC2:HIGH:MEDIUM:+3DES:+RC4 # 128-bit maximal security SSLCipherSuite !EDH:!ADH:!DSS:!RC4:HIGH:+3DES SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherSuite on # apache 2.1+ SSLCertificateFile conf/ssl/cert-0000000000-12983.cer SSLCertificateKeyFile conf/ssl/multisite.key SSLCertificateChainFile conf/ssl/chain-0000000000-12983.txt </VirtualHost> NameVirtualHost *:443 <VirtualHost *:443> DocumentRoot /home/site1/public_html ServerName management.site1.com ServerAlias v8.site1.com cyber.site1.com </VirtualHost> <VirtualHost *:443> DocumentRoot /home/site2/public_html ServerName managecom.site2.com ServerAlias commercial.site2.com,prospect.site2.com </VirtualHost>
Last edited on 06/18/2015 07:26:32 --- [search]