Wednesday, July 23, 2014

Multiple SSL certificate support in apache with single IP - (SNI)

We mostly work on apache SSL and observed that we require multiple IP address for hosting multiple SSL websites ( with different SSL certificates). Here I found one TLS extension for apache named SNI stands for Server Name Indication. Using this we can host multiple SSL website in a single apache with single IP address.


Configuration:


NameVirtualHost *:443

SSLStrictSNIVHostCheck off


 ServerAdmin web1@example.com
 DocumentRoot /var/www/html/web1
 ServerName web1.com
 SSLEngine ON
 SSLCertificateFile /etc/httpd/certs/web1/server.crt
 SSLCertificateKeyFile /etc/httpd/certs/web1/server.key
 ErrorLog /var/www/vhosts/web1/logs/error.log
 CustomLog /var/www/vhosts/web1/logs/access.log common


 ServerAdmin web2@example.com
 DocumentRoot /var/www/html/web2
 ServerName web2.com
 SSLEngine ON
 SSLCertificateFile /etc/httpd/certs/web2/server.crt
 SSLCertificateKeyFile /etc/httpd/certs/web2/server.key
 ErrorLog /var/www/vhosts/web2/logs/error.log
 CustomLog /var/www/vhosts/web2/logs/access.log common



2 comments:

  1. but One IP address to host multiple sites using ssl .. is there any disadvantage?

    ReplyDelete

Which operating system you like most?