Apache Multiple Domains and Multiple SSL to same IP and folder

The name of the pictureThe name of the pictureThe name of the pictureClash Royale CLAN TAG#URR8PPP











up vote
0
down vote

favorite
1












I am building a system and I need to use the same IP and same folder for a site with multiple domains and a seperate SSL certificate for each one. Also I do not want them to redirect or forward, because the site can handle the different domains on its own.



so like



site1.example.com 192.168.0.2:443 /var/www/html

site2.example.com 192.168.0.2:443 /var/www/html

site3.example.com 192.168.0.2:443 /var/www/html

site4.example.com 192.168.0.2:443 /var/www/html


I am using Ubuntu 14.04 with Apache2
I really have no idea on how the hosts file should look for this, can someone show me an example?










share|improve this question























  • Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for *.domain.com.
    – AlexP
    Jan 12 '17 at 17:29











  • how would my vhost file look for this?
    – Super Saiyan Wizard
    Jan 12 '17 at 17:46










  • Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
    – AlexP
    Jan 12 '17 at 17:53











  • Can anyone help with how to setup the vhost for this setup?
    – Super Saiyan Wizard
    Jan 16 '17 at 19:27










  • I am using Apache 2 on ubuntu 14.04lts
    – Super Saiyan Wizard
    Jan 16 '17 at 20:33














up vote
0
down vote

favorite
1












I am building a system and I need to use the same IP and same folder for a site with multiple domains and a seperate SSL certificate for each one. Also I do not want them to redirect or forward, because the site can handle the different domains on its own.



so like



site1.example.com 192.168.0.2:443 /var/www/html

site2.example.com 192.168.0.2:443 /var/www/html

site3.example.com 192.168.0.2:443 /var/www/html

site4.example.com 192.168.0.2:443 /var/www/html


I am using Ubuntu 14.04 with Apache2
I really have no idea on how the hosts file should look for this, can someone show me an example?










share|improve this question























  • Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for *.domain.com.
    – AlexP
    Jan 12 '17 at 17:29











  • how would my vhost file look for this?
    – Super Saiyan Wizard
    Jan 12 '17 at 17:46










  • Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
    – AlexP
    Jan 12 '17 at 17:53











  • Can anyone help with how to setup the vhost for this setup?
    – Super Saiyan Wizard
    Jan 16 '17 at 19:27










  • I am using Apache 2 on ubuntu 14.04lts
    – Super Saiyan Wizard
    Jan 16 '17 at 20:33












up vote
0
down vote

favorite
1









up vote
0
down vote

favorite
1






1





I am building a system and I need to use the same IP and same folder for a site with multiple domains and a seperate SSL certificate for each one. Also I do not want them to redirect or forward, because the site can handle the different domains on its own.



so like



site1.example.com 192.168.0.2:443 /var/www/html

site2.example.com 192.168.0.2:443 /var/www/html

site3.example.com 192.168.0.2:443 /var/www/html

site4.example.com 192.168.0.2:443 /var/www/html


I am using Ubuntu 14.04 with Apache2
I really have no idea on how the hosts file should look for this, can someone show me an example?










share|improve this question















I am building a system and I need to use the same IP and same folder for a site with multiple domains and a seperate SSL certificate for each one. Also I do not want them to redirect or forward, because the site can handle the different domains on its own.



so like



site1.example.com 192.168.0.2:443 /var/www/html

site2.example.com 192.168.0.2:443 /var/www/html

site3.example.com 192.168.0.2:443 /var/www/html

site4.example.com 192.168.0.2:443 /var/www/html


I am using Ubuntu 14.04 with Apache2
I really have no idea on how the hosts file should look for this, can someone show me an example?







apache-httpd ssl






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jul 4 at 18:34









Patrick Mevzek

2,0581721




2,0581721










asked Jan 12 '17 at 17:19









Super Saiyan Wizard

14




14











  • Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for *.domain.com.
    – AlexP
    Jan 12 '17 at 17:29











  • how would my vhost file look for this?
    – Super Saiyan Wizard
    Jan 12 '17 at 17:46










  • Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
    – AlexP
    Jan 12 '17 at 17:53











  • Can anyone help with how to setup the vhost for this setup?
    – Super Saiyan Wizard
    Jan 16 '17 at 19:27










  • I am using Apache 2 on ubuntu 14.04lts
    – Super Saiyan Wizard
    Jan 16 '17 at 20:33
















  • Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for *.domain.com.
    – AlexP
    Jan 12 '17 at 17:29











  • how would my vhost file look for this?
    – Super Saiyan Wizard
    Jan 12 '17 at 17:46










  • Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
    – AlexP
    Jan 12 '17 at 17:53











  • Can anyone help with how to setup the vhost for this setup?
    – Super Saiyan Wizard
    Jan 16 '17 at 19:27










  • I am using Apache 2 on ubuntu 14.04lts
    – Super Saiyan Wizard
    Jan 16 '17 at 20:33















Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for *.domain.com.
– AlexP
Jan 12 '17 at 17:29





Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for *.domain.com.
– AlexP
Jan 12 '17 at 17:29













how would my vhost file look for this?
– Super Saiyan Wizard
Jan 12 '17 at 17:46




how would my vhost file look for this?
– Super Saiyan Wizard
Jan 12 '17 at 17:46












Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
– AlexP
Jan 12 '17 at 17:53





Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
– AlexP
Jan 12 '17 at 17:53













Can anyone help with how to setup the vhost for this setup?
– Super Saiyan Wizard
Jan 16 '17 at 19:27




Can anyone help with how to setup the vhost for this setup?
– Super Saiyan Wizard
Jan 16 '17 at 19:27












I am using Apache 2 on ubuntu 14.04lts
– Super Saiyan Wizard
Jan 16 '17 at 20:33




I am using Apache 2 on ubuntu 14.04lts
– Super Saiyan Wizard
Jan 16 '17 at 20:33










1 Answer
1






active

oldest

votes

















up vote
0
down vote













Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.



Set up SNI with Apache:



First take a fresh backup of your .conf



Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.



Include my_other_site.conf


Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:



NameVirtualHost *:443

<VirtualHost *:443>
ServerName site1.domain.com
DocumentRoot /var/www/site
SSLEngine on
SSLCertificateFile /path/to/site1_domain_com.crt
SSLCertificateKeyFile /path/to/site1_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>

<VirtualHost *:443>
ServerName site2.domain.com
DocumentRoot /var/www/site2
SSLEngine on
SSLCertificateFile /path/to/site2_domain_com.crt
SSLCertificateKeyFile /path/to/site2_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>


This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.



Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.






share|improve this answer




















    Your Answer







    StackExchange.ready(function()
    var channelOptions =
    tags: "".split(" "),
    id: "106"
    ;
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function()
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled)
    StackExchange.using("snippets", function()
    createEditor();
    );

    else
    createEditor();

    );

    function createEditor()
    StackExchange.prepareEditor(
    heartbeatType: 'answer',
    convertImagesToLinks: false,
    noModals: false,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    );



    );













     

    draft saved


    draft discarded


















    StackExchange.ready(
    function ()
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f336925%2fapache-multiple-domains-and-multiple-ssl-to-same-ip-and-folder%23new-answer', 'question_page');

    );

    Post as a guest






























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes








    up vote
    0
    down vote













    Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.



    Set up SNI with Apache:



    First take a fresh backup of your .conf



    Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.



    Include my_other_site.conf


    Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:



    NameVirtualHost *:443

    <VirtualHost *:443>
    ServerName site1.domain.com
    DocumentRoot /var/www/site
    SSLEngine on
    SSLCertificateFile /path/to/site1_domain_com.crt
    SSLCertificateKeyFile /path/to/site1_domain_com.key
    SSLCertificateChainFile /path/to/CA.crt
    </VirtualHost>

    <VirtualHost *:443>
    ServerName site2.domain.com
    DocumentRoot /var/www/site2
    SSLEngine on
    SSLCertificateFile /path/to/site2_domain_com.crt
    SSLCertificateKeyFile /path/to/site2_domain_com.key
    SSLCertificateChainFile /path/to/CA.crt
    </VirtualHost>


    This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.



    Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.






    share|improve this answer
























      up vote
      0
      down vote













      Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.



      Set up SNI with Apache:



      First take a fresh backup of your .conf



      Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.



      Include my_other_site.conf


      Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:



      NameVirtualHost *:443

      <VirtualHost *:443>
      ServerName site1.domain.com
      DocumentRoot /var/www/site
      SSLEngine on
      SSLCertificateFile /path/to/site1_domain_com.crt
      SSLCertificateKeyFile /path/to/site1_domain_com.key
      SSLCertificateChainFile /path/to/CA.crt
      </VirtualHost>

      <VirtualHost *:443>
      ServerName site2.domain.com
      DocumentRoot /var/www/site2
      SSLEngine on
      SSLCertificateFile /path/to/site2_domain_com.crt
      SSLCertificateKeyFile /path/to/site2_domain_com.key
      SSLCertificateChainFile /path/to/CA.crt
      </VirtualHost>


      This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.



      Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.






      share|improve this answer






















        up vote
        0
        down vote










        up vote
        0
        down vote









        Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.



        Set up SNI with Apache:



        First take a fresh backup of your .conf



        Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.



        Include my_other_site.conf


        Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:



        NameVirtualHost *:443

        <VirtualHost *:443>
        ServerName site1.domain.com
        DocumentRoot /var/www/site
        SSLEngine on
        SSLCertificateFile /path/to/site1_domain_com.crt
        SSLCertificateKeyFile /path/to/site1_domain_com.key
        SSLCertificateChainFile /path/to/CA.crt
        </VirtualHost>

        <VirtualHost *:443>
        ServerName site2.domain.com
        DocumentRoot /var/www/site2
        SSLEngine on
        SSLCertificateFile /path/to/site2_domain_com.crt
        SSLCertificateKeyFile /path/to/site2_domain_com.key
        SSLCertificateChainFile /path/to/CA.crt
        </VirtualHost>


        This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.



        Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.






        share|improve this answer












        Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.



        Set up SNI with Apache:



        First take a fresh backup of your .conf



        Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.



        Include my_other_site.conf


        Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:



        NameVirtualHost *:443

        <VirtualHost *:443>
        ServerName site1.domain.com
        DocumentRoot /var/www/site
        SSLEngine on
        SSLCertificateFile /path/to/site1_domain_com.crt
        SSLCertificateKeyFile /path/to/site1_domain_com.key
        SSLCertificateChainFile /path/to/CA.crt
        </VirtualHost>

        <VirtualHost *:443>
        ServerName site2.domain.com
        DocumentRoot /var/www/site2
        SSLEngine on
        SSLCertificateFile /path/to/site2_domain_com.crt
        SSLCertificateKeyFile /path/to/site2_domain_com.key
        SSLCertificateChainFile /path/to/CA.crt
        </VirtualHost>


        This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.



        Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Feb 7 '17 at 13:39









        Gunjan Tripathi

        1011




        1011



























             

            draft saved


            draft discarded















































             


            draft saved


            draft discarded














            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f336925%2fapache-multiple-domains-and-multiple-ssl-to-same-ip-and-folder%23new-answer', 'question_page');

            );

            Post as a guest













































































            Popular posts from this blog

            How to check contact read email or not when send email to Individual?

            Displaying single band from multi-band raster using QGIS

            How many registers does an x86_64 CPU actually have?