logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> How-to's & Documentation & Tips View previous topic :: View next topic
Reply to topic   Topic: How-to More than one domain with your SSL
Author
Steffen
Moderator


Joined: 15 Oct 2005
Posts: 3090
Location: Hilversum, NL, EU

PostPosted: Mon 24 Jul '06 12:50    Post subject: How-to More than one domain with your SSL Reply with quote

A nice tip I read from Ken Johanson

Quote:

In the past, several people (including myself) have asked for a way to get Apache to support multiple SSL certs, for servers that host more than one domain. But it turns out that SSL (x509 version 3, specifically), has built-in support for multiple domains per certifcate!!

Just add the following line to your openssl.cnf file, in the [ v3_ca ] section:

subjectAltName = DNS:http://www.test.com,DNS:*.kensystem.com,DNS:*.etc.com

This line adds additional domains that browsers will validate a certificate against. Note the comma-separated-list format ; it allows you to add as many for few as you want. As in the example, you can also use wild card certs.

You need to re-create your certificate after adding that line to openssl.cnf, put the cert into your config/ dir, then restart your server.


I've verified that all modern browsers support this; Mozilla, Firebird, Safari, & IE. Theoretically, older software that uses SSL (email clients, etc) may not have support for this feature. It also does not provide a distinct cert based on IP address (the contemporary ssl binding method), but that's probably not going to be a problem for most of us.

Cheers,

ken
Back to top
PipoDeClown



Joined: 20 Dec 2005
Posts: 77

PostPosted: Sat 27 Jan '07 12:10    Post subject: Reply with quote

bumps:

does that mean i could host multiple https sites on my home dsl? (withouth client certificate trouble ofcourse)
Back to top
holziusa



Joined: 02 Jan 2008
Posts: 48

PostPosted: Tue 04 Mar '08 7:22    Post subject: selfsigned ssl, multiple virtual host Reply with quote

hi steffen,
the above worked really well with sambar, not showing any warnings etc

with apache i am not able to acomplish this , is there a new work around for self signed ssl

specs 2.2.8...ssl 0.9.8g
Back to top


Reply to topic   Topic: How-to More than one domain with your SSL View previous topic :: View next topic
Post new topic   Forum Index -> How-to's & Documentation & Tips