Multiple SSL Certificates
marthter
marthter-FFYn/CNdgSA at public.gmane.org
Mon May 17 16:01:17 UTC 2010
marthter wrote:
> Jamon Camisso wrote:
>> On 17/05/10 06:35 AM, William O'Higgins Witteman wrote:
>>> On Mon, May 17, 2010 at 02:03:52AM -0400, Jason Carson wrote:
>>>> Hello everyone,
>>>>
>>>> I currently have 2 domain names running on one IP address. Is it
>>>> possible
>>>> to setup two SSL certificates, one for each domain?
>>>
>>> No, because of the way that SSL works (as I understand it). Here's a
>>> reference:
>>>
>>> http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts
>>
>> Using Server Name Indication (SNI) allows hosting multiple named ssl
>> virtual hosts on a single IP. mod_gnutls supports SNI, and I think
>> recent versions of mod_ssl do too. Take a look here:
>>
>> http://www.outoforder.cc/projects/apache/mod_gnutls/
>> http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
>>
>> The one caveat is that older browsers like IE6 don't support SNI.
>> more here: http://en.wikipedia.org/wiki/Server_Name_Indication#Browsers
>>
> There is also the "Subject Alt Name" which allows you to put multiple
> domain/host names into the same certificate. Not sure if that's just
> an older name for SNI or what but I've definitely done it with
> certificates through CACert.
>
> http://wiki.cacert.org/VhostTaskForce
>
> Martin
Before some overly literal person (none of those here right : - )
quibbles about this...
This does not, strictly speaking, answer the question you asked, in that
it does not give you "two SSL certificates, one for each domain".
However I think it will do what you want in that it gives you one
certificate that works for both domains on the same IP address.
I've got one working for about 5 domains on the same IP address.
Martin
--
The Toronto Linux Users Group. Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists
More information about the Legacy
mailing list