Jump to content

SSL Issue

benanamen

By benanamen
in Apache HTTP Server

 Share

Recommended Posts

benanamen Prolific Member

benanamen

Posted
Posted

I just set up SSL on Apache that has one IP and two domains that are using SSL. Individually they both work as expected. If they are both using port 443 at the same time, the server is defaulting to the first domain I set up which creates a domain mismatch error on the second one since it is reading the cert from the first domain.

 

I have always had one IP per domain so I have never run across this problem. Doing research on it as I post. Anyone know the fix?

Link to comment
https://forums.phpfreaks.com/topic/303654-ssl-issue/
Share on other sites
benanamen Prolific Member

benanamen

Posted
  • Author
Posted

Debian 8 Apache version 2.4.10. Yes I have NameVirtualHost *:443

 

I found this site that shows what to do but no effect.

https://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-using-sni.htm

 

Whichever is the first <virtualhost> is the one that works correctly. I tried with *:443 and myip:443. Same results.

Link to comment
https://forums.phpfreaks.com/topic/303654-ssl-issue/#findComment-1545171
Share on other sites
benanamen Prolific Member

benanamen

Posted
  • Author
Posted 


NameVirtualHost *:443


<VirtualHost *:443>

DocumentRoot "/docrootpath"

ServerName domain1

ServerAdmin webmaster@localhost

ErrorLog /path

CustomLog /path

<Directory "path">

allow from all

AllowOverride All

Options None

Require all granted

</Directory>

SSLEngine on

SSLCertificateFile /path

SSLCertificateKeyFile /path

SSLCACertificateFile /path

<Directory "/path">

allow from all

Options None

Require all granted

</Directory>

</VirtualHost>




<VirtualHost *:443>

DocumentRoot "/path"

ServerName domain2

ServerAdmin webmaster@localhost

ErrorLog /path

CustomLog /path

<Directory "/path">

Order Allow,Deny

Allow from all

AllowOverride all

Options None

Require all granted

</Directory>

RewriteEngine On

RewriteCond %{HTTPS} off

RewriteRule (.*) https://%{SERVER_NAME}$1 [R,L]

<Directory "/path">

allow from all

Options None

Require all granted

</Directory>

SSLEngine on

SSLCertificateFile /path

SSLCertificateKeyFile /path

SSLCACertificateFile /path

</VirtualHost>
Link to comment
https://forums.phpfreaks.com/topic/303654-ssl-issue/#findComment-1545173
Share on other sites
requinix Prolific Member

requinix

Posted
Posted

Seems fine. Maybe there's something more obvious wrong? Sure you have the right domain names? Are you being redirected at any point? Does the mismatch error truly say the certificate is for the other domain?

What if you swap the virtualhosts in the configuration file? Does it have the same problem but in reverse?

 

And what if you include a

SSLStrictSNIVHostCheck on
in the configuration (outside a vhost)?
Link to comment
https://forums.phpfreaks.com/topic/303654-ssl-issue/#findComment-1545175
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.