Multiple SSL Certificates
marthter
marthter-FFYn/CNdgSA at public.gmane.org
Mon May 17 15:49:42 UTC 2010
Jamon Camisso wrote:
> On 17/05/10 06:35 AM, William O'Higgins Witteman wrote:
>> On Mon, May 17, 2010 at 02:03:52AM -0400, Jason Carson wrote:
>>> Hello everyone,
>>>
>>> I currently have 2 domain names running on one IP address. Is it
>>> possible
>>> to setup two SSL certificates, one for each domain?
>>
>> No, because of the way that SSL works (as I understand it). Here's a
>> reference:
>>
>> http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts
>
> Using Server Name Indication (SNI) allows hosting multiple named ssl
> virtual hosts on a single IP. mod_gnutls supports SNI, and I think
> recent versions of mod_ssl do too. Take a look here:
>
> http://www.outoforder.cc/projects/apache/mod_gnutls/
> http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
>
> The one caveat is that older browsers like IE6 don't support SNI. more
> here: http://en.wikipedia.org/wiki/Server_Name_Indication#Browsers
>
There is also the "Subject Alt Name" which allows you to put multiple
domain/host names into the same certificate. Not sure if that's just an
older name for SNI or what but I've definitely done it with certificates
through CACert.
http://wiki.cacert.org/VhostTaskForce
Martin
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list