Jump to content

SSL and virtual hosts


aurir_

Recommended Posts

I created a self-signed certificate for *.mysite.com. The problem is that when I have more than one virtual host, only one of them works. When restarting apache I get:

 

[warn] _default_ VirtualHost overlap on port 443, the first has precedence

 

At the moment I have two virtual host files: one for www.mysite.com and another one for svn.mysite.com. I want the SSL to work for both of them. How do I go about it?

 

svn.mysite-ssl

<VirtualHost *:443>
  ServerAdmin webmaster@localhost
  ServerName svn.mysite.com
  DocumentRoot /var/www/svn

  SSLOptions +StrictRequire
  SSLEngine On
  SSLCertificateFile /etc/ssl/certs/server.crt
  SSLCertificateKeyFile /etc/ssl/private/server.key
....

 

www.mysite-ssl

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerAdmin webmaster@localhost
        ServerName mysite.com
        ServerAlias www.mysite.com

        SSLEngine On
        SSLOptions +StrictRequire
        SSLCertificateFile /etc/ssl/certs/server.crt
        SSLCertificateKeyFile /etc/ssl/private/server.key

        DocumentRoot /var/www/mysite/

 

the same setup works fine over http.

Link to comment
Share on other sites

After looking closer at some documentation that my ubuntu server/apache 2 came with, it turns out that name based virtual hosting for SSL is not supported yet.

 

Obviously, companies have ssl on multiple subdomains. So, what is the workaround for that on apache 2? All of my subdomains are on the same server so the IP is the same. Otherwise I could do IP based virtual hosting and that would work I guess.

 

What can I do in such a situation?

 

 

In addition, I created my SSL certificate for *.mysite.com, so all of my subdomains are included. However, when I type in mysite.com I get certificate mismatch error. What's the workaround for that?

Link to comment
Share on other sites

I have apache2 serving out multiple ssl vhosts from the one ip, using a wildcard ssl cert.

 

See http://wiki.kartbuilding.net/index.php/Apache_2_%26_SSL_-_PHP4_-_MySQL_4.1

for my config.

 

Also, the reason you got that server mismatch error is:

*.domain.com ssl cert covers:

www.domain.com

mail.domain.com

anyvhost.domain.com

 

It will throw an error for http://domain.com however, as the ssl cert is for *.domain.com

 

-steve

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.