[CentOS] multiple signed ssl certificatess on single IP address

Sun Mar 19 00:46:05 UTC 2006
Robert <roberth at abbacomm.net>

Subject: [CentOS] multiple signed ssl certificatess on single IP address 

 

Good afternoon everyone,

This is my first post here. I was wondering if someone could clear my mind
about this.

I have a dedicated server with a single ip address assigned to it. I want to
host couple of site which are hosted somewhere else and they have signed
certificates. Now I want to host them all on this single server. 

 

Is it possible to bound more than one cert to a single IP based apache
server and host multiple virtual directories?

I did a research on line and found couple answers which are all confusing
me.

 

One suggested that I need to get additional ip's and assign different sites
to it. (Not a very practical solution) 

 

Other one says we can use the same cert and ip but have secondary host on
different port number than default.  Something likes https://www.abc.com
<https://www.abc.com/>  and https://www.def.com:444
<https://www.def.com:444/>  and so on. But this will cause people a warning
regarding the certificate error on second path, is that correct? 

 

Some one suggested a wild card certificate but how can I do that since
dedicated server name is a.dedicated.hostingcompany.com and I need to
generate certificates covering *.abc.com and *.def.com 

 

Would someone kindly clear my mind on this issue?  

 

greetings Ara Avvali,

 

as i recall, the "most practical" and still the easiest solution is to have
multiple ip addresses available and to provision them to the host

 

then do dns to have each domain that requires ssl on it's own unique ip
address.

 

yes, you can jump through the hoops the other way as you have found.

 

there are many single ip solutions. some work better than others. some
stink.

 

in the last two months i have not checked the latest server software
granularity for dealing with certs on a single ip though... meaning, i dont
know how many of the goofy hurdles and hoop jumping have truly been removed
that satisfy the server and client side transparency issues & needs.

 

 - rh

 

--
Robert Hanson - Abba Communications
   Computer & Internet Services
 (509) 624-7159 - www.abbacomm.net           

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20060318/cd022e99/attachment-0005.html>