All geek questions in one place

Multiuser Apache SSL Domain

We have a web application that hosts several sites for our customers in different domains. All these domains are hosted on the same Apache scam; logical separation into different sites is performed using software.

We would like to offer ssl support for some of these virtual sites. Basically, this should not be a problem, since once an ssl connection is established, the software can use the host header to route to the correct website.

But: How do I tell apache to serve the correct certificate, depending on the requested host?

Is it possible to map certificates to domains, for example. with something like:

SSLCertificateFile File

All help is appreciated!

+3
source share
3 answers

In addition to what @bobince said, you can have multiple host names in the same certificate (not necessarily with wild-cards or sub-domains) using multiple DNS records in an alternative object name extension. (CAs may charge a much higher fee for this type of certificate).

+4
source

It's impossible. Because the host header is only sent after an SSL connection has been established, the server cannot service the SSL certificate depending on the host.

Specifying a server name attempts to fix this, but is not implemented in all browsers.

+3
source

IP- SSL. SSLCertificateFile VirtualHost, IP: .

HTTPS , , Host: ( , ). , IP- ( , ).

SSL, SNI, , .

+3

Source: https://habr.com/ru/post/1767326/

More articles:


All Articles