aurir_ Posted March 1, 2009 Share Posted March 1, 2009 I created a self-signed certificate for *.mysite.com. The problem is that when I have more than one virtual host, only one of them works. When restarting apache I get: [warn] _default_ VirtualHost overlap on port 443, the first has precedence At the moment I have two virtual host files: one for www.mysite.com and another one for svn.mysite.com. I want the SSL to work for both of them. How do I go about it? svn.mysite-ssl <VirtualHost *:443> ServerAdmin webmaster@localhost ServerName svn.mysite.com DocumentRoot /var/www/svn SSLOptions +StrictRequire SSLEngine On SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key .... www.mysite-ssl <IfModule mod_ssl.c> <VirtualHost *:443> ServerAdmin webmaster@localhost ServerName mysite.com ServerAlias www.mysite.com SSLEngine On SSLOptions +StrictRequire SSLCertificateFile /etc/ssl/certs/server.crt SSLCertificateKeyFile /etc/ssl/private/server.key DocumentRoot /var/www/mysite/ the same setup works fine over http. Quote Link to comment Share on other sites More sharing options...
aurir_ Posted March 5, 2009 Author Share Posted March 5, 2009 After looking closer at some documentation that my ubuntu server/apache 2 came with, it turns out that name based virtual hosting for SSL is not supported yet. Obviously, companies have ssl on multiple subdomains. So, what is the workaround for that on apache 2? All of my subdomains are on the same server so the IP is the same. Otherwise I could do IP based virtual hosting and that would work I guess. What can I do in such a situation? In addition, I created my SSL certificate for *.mysite.com, so all of my subdomains are included. However, when I type in mysite.com I get certificate mismatch error. What's the workaround for that? Quote Link to comment Share on other sites More sharing options...
trq Posted March 5, 2009 Share Posted March 5, 2009 To date SSL can only be implimented on a per ip bases, there is a solution in the works (see here) however (as you can see) its not supported by older versions of IE. Quote Link to comment Share on other sites More sharing options...
corbin Posted March 5, 2009 Share Posted March 5, 2009 I wonder what the world would be like without the "older versions of IE don't support that" thing hanging around.... Quote Link to comment Share on other sites More sharing options...
trq Posted March 5, 2009 Share Posted March 5, 2009 I wonder what the world would be like without the "older versions of IE don't support that" thing hanging around.... We may never know. Quote Link to comment Share on other sites More sharing options...
corbin Posted March 5, 2009 Share Posted March 5, 2009 We will probably never know. Quote Link to comment Share on other sites More sharing options...
steviewdr Posted March 8, 2009 Share Posted March 8, 2009 I have apache2 serving out multiple ssl vhosts from the one ip, using a wildcard ssl cert. See http://wiki.kartbuilding.net/index.php/Apache_2_%26_SSL_-_PHP4_-_MySQL_4.1 for my config. Also, the reason you got that server mismatch error is: *.domain.com ssl cert covers: www.domain.com mail.domain.com anyvhost.domain.com It will throw an error for http://domain.com however, as the ssl cert is for *.domain.com -steve Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.