Google Answers: With an Apache2 server, how do I setup my ssl.conf for multiple domains?

View Question

Q: With an Apache2 server, how do I setup my ssl.conf for multiple domains? ( No Answer, 1 Comment )

Question

Subject: With an Apache2 server, how do I setup my ssl.conf for multiple domains?
Category: Computers > Internet
Asked by: pfreet-ga
List Price: $50.00

Posted: 24 Aug 2006 05:29 PDT
Expires: 23 Sep 2006 05:29 PDT
Question ID: 759037

Apache/SSL does not allow one to use name based virtual hosting. You must use
IP based virtual hosting. However, our server is behind a firewall and
all trafiic to the server is on 10.10.1.1. So, how do I configure my
ssl.conf file to be able to support multiple sercure domains?

I currently have this setup and it works quite well for secrue.foo.com:

Listen 443
<VirtualHost _default_:443>
  DocumentRoot /www/foo/
  ServerName secure.foo.com:443
  SSLEngine on
  ...
</VirtualHost>

However, the following does not work and I have tried every
permutation of it. I think it may be because the server is behind a
NAT firewall.

<VirtualHost 12.34.56.78:443>
  ServerName secure.foo.com:443
  DocumentRoot /www/foo/
  SSLEngine on
  ...
</VirtualHost>
<VirtualHost 98.76.54.32:443>
  ServerName secure.bar.com:443
  DocumentRoot /www/bar/
  SSLEngine on
  ...
</VirtualHost>


Please suggest a setting for SSL.conf that will woprk in this instance. Thank you!

Answer

There is no answer at this time.

Comments

Subject: Re: With an Apache2 server, how do I setup my ssl.conf for multiple domains?
From: rhinst-ga on 26 Aug 2006 21:57 PDT

In general, each SSL site needs it's own IP address, since the reverse
DNS of the ip address has to match the domain specified in the SSL
certificate.

If your server is NAT'ed behind a firewall and only has one IP address
available to it, your best bet might be to translate multiple external
ip addresses to different ports on the apache server. For example,
assume you have 3 domains that require SSL: domain1.com, domain2.com,
and domain3.com. domain1.com resolves to 1.2.3.4 which gets translated
through the firewall to 10.10.1.1:10443. domain2.com resolves to
1.2.3.5, which gets translated through the firewall to
10.10.1.1:10444. domain3.com resolves to 1.2.3.6, which gets
translated through the firewall to 10.10.1.1:10445. Then you can
create the following in your conf file:

Listen 10443
Listen 10444
Listen 10445
<VirtualHost _default_:10443>
  DocumentRoot /www/domain1/
  ServerName domain1.com
  SSLEngine on
  ...
</VirtualHost>

<VirtualHost _default_:10444>
  DocumentRoot /www/domain2/
  ServerName domain2.com
  SSLEngine on
  ...
</VirtualHost>

<VirtualHost _default_:10445>
  DocumentRoot /www/domain3/
  ServerName domain3.com
  SSLEngine on
  ...
</VirtualHost>

 
Hope this helps.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.

Search Google Answers for

Google Home - Answers FAQ - Terms of Service - Privacy Policy