Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
Topic: How-to More than one domain with your SSL |
|
Author |
|
Steffen Moderator
Joined: 15 Oct 2005 Posts: 3090 Location: Hilversum, NL, EU
|
Posted: Mon 24 Jul '06 12:50 Post subject: How-to More than one domain with your SSL |
|
|
A nice tip I read from Ken Johanson
Quote: |
In the past, several people (including myself) have asked for a way to get Apache to support multiple SSL certs, for servers that host more than one domain. But it turns out that SSL (x509 version 3, specifically), has built-in support for multiple domains per certifcate!!
Just add the following line to your openssl.cnf file, in the [ v3_ca ] section:
subjectAltName = DNS:http://www.test.com,DNS:*.kensystem.com,DNS:*.etc.com
This line adds additional domains that browsers will validate a certificate against. Note the comma-separated-list format ; it allows you to add as many for few as you want. As in the example, you can also use wild card certs.
You need to re-create your certificate after adding that line to openssl.cnf, put the cert into your config/ dir, then restart your server.
I've verified that all modern browsers support this; Mozilla, Firebird, Safari, & IE. Theoretically, older software that uses SSL (email clients, etc) may not have support for this feature. It also does not provide a distinct cert based on IP address (the contemporary ssl binding method), but that's probably not going to be a problem for most of us.
Cheers,
ken
|
|
|
Back to top |
|
PipoDeClown
Joined: 20 Dec 2005 Posts: 77
|
Posted: Sat 27 Jan '07 12:10 Post subject: |
|
|
bumps:
does that mean i could host multiple https sites on my home dsl? (withouth client certificate trouble ofcourse) |
|
Back to top |
|
holziusa
Joined: 02 Jan 2008 Posts: 48
|
Posted: Tue 04 Mar '08 7:22 Post subject: selfsigned ssl, multiple virtual host |
|
|
hi steffen,
the above worked really well with sambar, not showing any warnings etc
with apache i am not able to acomplish this , is there a new work around for self signed ssl
specs 2.2.8...ssl 0.9.8g |
|
Back to top |
|
|
|
|
|
|