Apache Multiple Domains and Multiple SSL to same IP and folder
Clash Royale CLAN TAG#URR8PPP
up vote
0
down vote
favorite
I am building a system and I need to use the same IP and same folder for a site with multiple domains and a seperate SSL certificate for each one. Also I do not want them to redirect or forward, because the site can handle the different domains on its own.
so like
site1.example.com 192.168.0.2:443 /var/www/html
site2.example.com 192.168.0.2:443 /var/www/html
site3.example.com 192.168.0.2:443 /var/www/html
site4.example.com 192.168.0.2:443 /var/www/html
I am using Ubuntu 14.04 with Apache2
I really have no idea on how the hosts file should look for this, can someone show me an example?
apache-httpd ssl
edited Jul 4 at 18:34
Patrick Mevzek
2,0581721
asked Jan 12 '17 at 17:19
Super Saiyan Wizard
14
add a comment |Â
up vote
0
down vote
favorite
I am building a system and I need to use the same IP and same folder for a site with multiple domains and a seperate SSL certificate for each one. Also I do not want them to redirect or forward, because the site can handle the different domains on its own.
so like
site1.example.com 192.168.0.2:443 /var/www/html
site2.example.com 192.168.0.2:443 /var/www/html
site3.example.com 192.168.0.2:443 /var/www/html
site4.example.com 192.168.0.2:443 /var/www/html
I am using Ubuntu 14.04 with Apache2
I really have no idea on how the hosts file should look for this, can someone show me an example?
apache-httpd ssl
edited Jul 4 at 18:34
Patrick Mevzek
2,0581721
asked Jan 12 '17 at 17:19
Super Saiyan Wizard
14
Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for*.domain.com.
– AlexP
Jan 12 '17 at 17:29
how would my vhost file look for this?
– Super Saiyan Wizard
Jan 12 '17 at 17:46
Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
– AlexP
Jan 12 '17 at 17:53
Can anyone help with how to setup the vhost for this setup?
– Super Saiyan Wizard
Jan 16 '17 at 19:27
I am using Apache 2 on ubuntu 14.04lts
– Super Saiyan Wizard
Jan 16 '17 at 20:33
add a comment |Â
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I am building a system and I need to use the same IP and same folder for a site with multiple domains and a seperate SSL certificate for each one. Also I do not want them to redirect or forward, because the site can handle the different domains on its own.
so like
site1.example.com 192.168.0.2:443 /var/www/html
site2.example.com 192.168.0.2:443 /var/www/html
site3.example.com 192.168.0.2:443 /var/www/html
site4.example.com 192.168.0.2:443 /var/www/html
I am using Ubuntu 14.04 with Apache2
I really have no idea on how the hosts file should look for this, can someone show me an example?
apache-httpd ssl
edited Jul 4 at 18:34
Patrick Mevzek
2,0581721
asked Jan 12 '17 at 17:19
Super Saiyan Wizard
14
I am building a system and I need to use the same IP and same folder for a site with multiple domains and a seperate SSL certificate for each one. Also I do not want them to redirect or forward, because the site can handle the different domains on its own.
so like
site1.example.com 192.168.0.2:443 /var/www/html
site2.example.com 192.168.0.2:443 /var/www/html
site3.example.com 192.168.0.2:443 /var/www/html
site4.example.com 192.168.0.2:443 /var/www/html
I am using Ubuntu 14.04 with Apache2
I really have no idea on how the hosts file should look for this, can someone show me an example?
apache-httpd ssl
apache-httpd ssl
edited Jul 4 at 18:34
Patrick Mevzek
2,0581721
asked Jan 12 '17 at 17:19
Super Saiyan Wizard
14
edited Jul 4 at 18:34
Patrick Mevzek
2,0581721
asked Jan 12 '17 at 17:19
Super Saiyan Wizard
14
edited Jul 4 at 18:34
Patrick Mevzek
2,0581721
edited Jul 4 at 18:34
Patrick Mevzek
2,0581721
edited Jul 4 at 18:34
Patrick Mevzek
2,0581721
2,0581721
asked Jan 12 '17 at 17:19
Super Saiyan Wizard
14
asked Jan 12 '17 at 17:19
Super Saiyan Wizard
14
asked Jan 12 '17 at 17:19
Super Saiyan Wizard
14
14
Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for*.domain.com.
– AlexP
Jan 12 '17 at 17:29
how would my vhost file look for this?
– Super Saiyan Wizard
Jan 12 '17 at 17:46
Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
– AlexP
Jan 12 '17 at 17:53
Can anyone help with how to setup the vhost for this setup?
– Super Saiyan Wizard
Jan 16 '17 at 19:27
I am using Apache 2 on ubuntu 14.04lts
– Super Saiyan Wizard
Jan 16 '17 at 20:33
add a comment |Â
Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for*.domain.com.
– AlexP
Jan 12 '17 at 17:29
how would my vhost file look for this?
– Super Saiyan Wizard
Jan 12 '17 at 17:46
Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
– AlexP
Jan 12 '17 at 17:53
Can anyone help with how to setup the vhost for this setup?
– Super Saiyan Wizard
Jan 16 '17 at 19:27
I am using Apache 2 on ubuntu 14.04lts
– Super Saiyan Wizard
Jan 16 '17 at 20:33
Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for
*.domain.com.– AlexP
Jan 12 '17 at 17:29
Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for
*.domain.com.– AlexP
Jan 12 '17 at 17:29
how would my vhost file look for this?
– Super Saiyan Wizard
Jan 12 '17 at 17:46
how would my vhost file look for this?
– Super Saiyan Wizard
Jan 12 '17 at 17:46
Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
– AlexP
Jan 12 '17 at 17:53
Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
– AlexP
Jan 12 '17 at 17:53
Can anyone help with how to setup the vhost for this setup?
– Super Saiyan Wizard
Jan 16 '17 at 19:27
Can anyone help with how to setup the vhost for this setup?
– Super Saiyan Wizard
Jan 16 '17 at 19:27
I am using Apache 2 on ubuntu 14.04lts
– Super Saiyan Wizard
Jan 16 '17 at 20:33
I am using Apache 2 on ubuntu 14.04lts
– Super Saiyan Wizard
Jan 16 '17 at 20:33
add a comment |Â
1 Answer
1
active
oldest
votes
up vote
0
down vote
Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.
Set up SNI with Apache:
First take a fresh backup of your .conf
Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.
Include my_other_site.conf
Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName site1.domain.com
DocumentRoot /var/www/site
SSLEngine on
SSLCertificateFile /path/to/site1_domain_com.crt
SSLCertificateKeyFile /path/to/site1_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
<VirtualHost *:443>
ServerName site2.domain.com
DocumentRoot /var/www/site2
SSLEngine on
SSLCertificateFile /path/to/site2_domain_com.crt
SSLCertificateKeyFile /path/to/site2_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.
Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.
answered Feb 7 '17 at 13:39
Gunjan Tripathi
1011
add a comment |Â
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
0
down vote
Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.
Set up SNI with Apache:
First take a fresh backup of your .conf
Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.
Include my_other_site.conf
Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName site1.domain.com
DocumentRoot /var/www/site
SSLEngine on
SSLCertificateFile /path/to/site1_domain_com.crt
SSLCertificateKeyFile /path/to/site1_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
<VirtualHost *:443>
ServerName site2.domain.com
DocumentRoot /var/www/site2
SSLEngine on
SSLCertificateFile /path/to/site2_domain_com.crt
SSLCertificateKeyFile /path/to/site2_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.
Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.
answered Feb 7 '17 at 13:39
Gunjan Tripathi
1011
add a comment |Â
up vote
0
down vote
Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.
Set up SNI with Apache:
First take a fresh backup of your .conf
Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.
Include my_other_site.conf
Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName site1.domain.com
DocumentRoot /var/www/site
SSLEngine on
SSLCertificateFile /path/to/site1_domain_com.crt
SSLCertificateKeyFile /path/to/site1_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
<VirtualHost *:443>
ServerName site2.domain.com
DocumentRoot /var/www/site2
SSLEngine on
SSLCertificateFile /path/to/site2_domain_com.crt
SSLCertificateKeyFile /path/to/site2_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.
Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.
answered Feb 7 '17 at 13:39
Gunjan Tripathi
1011
add a comment |Â
up vote
0
down vote
up vote
0
down vote
Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.
Set up SNI with Apache:
First take a fresh backup of your .conf
Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.
Include my_other_site.conf
Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName site1.domain.com
DocumentRoot /var/www/site
SSLEngine on
SSLCertificateFile /path/to/site1_domain_com.crt
SSLCertificateKeyFile /path/to/site1_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
<VirtualHost *:443>
ServerName site2.domain.com
DocumentRoot /var/www/site2
SSLEngine on
SSLCertificateFile /path/to/site2_domain_com.crt
SSLCertificateKeyFile /path/to/site2_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.
Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.
answered Feb 7 '17 at 13:39
Gunjan Tripathi
1011
Earlier it was painful to multiple SSL certificate on multiple sites hosted on single IP address. Due to this website administrators need to invest more money to purchase individual IP addresses. However now with the help of SNI (Server Name Indicator) it is possible to protect multiple sites with different SSL Certificates on single Internet Protocol on Apache.
Set up SNI with Apache:
First take a fresh backup of your .conf
Now to achieve above mentioned functionalities, you need to create Virtual Host on your server. Create new .conf file for new Virtual Host or you can use existing. If you are creating a new .conf file you need to add following line into existing .conf file.
Include my_other_site.conf
Now list your public IP addresses in the NameVirtualHost directive by using port *:443. Afterwards you need to point Root Certificate, Intermediate Certificate, and SSL File to the each websites. Check below example for more:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName site1.domain.com
DocumentRoot /var/www/site
SSLEngine on
SSLCertificateFile /path/to/site1_domain_com.crt
SSLCertificateKeyFile /path/to/site1_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
<VirtualHost *:443>
ServerName site2.domain.com
DocumentRoot /var/www/site2
SSLEngine on
SSLCertificateFile /path/to/site2_domain_com.crt
SSLCertificateKeyFile /path/to/site2_domain_com.key
SSLCertificateChainFile /path/to/CA.crt
</VirtualHost>
This should work properly but in my opinion, you should not use different SSL Certificates fro different sites when you can get single SAN (Subject Alternative Names) SSL as you can secure multiple sites with single certificate. And if you have only sub-domains to secure under the one domain then you can simply opt Wildcard SSL, which can be cost effective option. You just need to issue Wildcard certificate as *.domain.com and everything (only first level) in place of asterisk (*) will be covered.
Both Wildcard SSL and SAN certificate will reduce the cost as well as management hassle. Read this article if you want to understand the difference between Wildcard SSL and SAN.
answered Feb 7 '17 at 13:39
Gunjan Tripathi
1011
answered Feb 7 '17 at 13:39
Gunjan Tripathi
1011
answered Feb 7 '17 at 13:39
Gunjan Tripathi
1011
answered Feb 7 '17 at 13:39
Gunjan Tripathi
1011
1011
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f336925%2fapache-multiple-domains-and-multiple-ssl-to-same-ip-and-folder%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Yes, it works. You can have either a certificate for each domain, or one single certificate for all domains with the domains as subject alternate names in the certificate, or one single certificate for
*.domain.com.– AlexP
Jan 12 '17 at 17:29
how would my vhost file look for this?
– Super Saiyan Wizard
Jan 12 '17 at 17:46
Depends on whether you choose to have a different certificate for each domain, or one single certificate for all domains. Pick one choice and edit the question.
– AlexP
Jan 12 '17 at 17:53
Can anyone help with how to setup the vhost for this setup?
– Super Saiyan Wizard
Jan 16 '17 at 19:27
I am using Apache 2 on ubuntu 14.04lts
– Super Saiyan Wizard
Jan 16 '17 at 20:33