[CentOS] ssl and NameVirtualHost

Wed Apr 9 19:21:29 UTC 2008
Rick Barnes <linux at sitevision.com>

Tony Schreiner wrote:
> I recently aquired a Verisign SSL certificate for my web server on 
> Centos 4, with apache 2.0.59 from centosplus.
> It however doesn't seem to be working the way I've set it up, browsers 
> connect but are told the certiticate is not recognized. Showing more 
> info, the information looks  correct.
> I think it has probably to do with the fact that I'm using the 
> certificate on a virtual named host, and I wonder If any body has 
> experience doing this? A few places in the apache documentation suggest 
> that SSL cannot be used with name based virtual hosting, but I don't if 
> that means, not at all, or not with multiple named hosts.
> I have multiple NameVirtualHost on port 80, but will only plan to use 
> one of the names on port 443.
> The start of the section in my ssl.conf goes like this:
> <VirtualHost _default_:443>
>     ServerName nameprotected.domain.edu:443
>     ServerAdmin me at domain.edu
>     DocumentRoot /var/www/docs/nameprotected
> nameprotected.domain.edu  is a DNS CNAME to the actual host.
> How do folks do SSL and virtual hosts? multiple IP addresses is not an 
> option for me.

This is how I do it:
NameVirtualHost IP.AD.DR.ESS:443

<VirtualHost IP.AD.DR.ESS:443>
     SSLEngine On
     SSLCertificateFile path/to/domain.crt
     SSLCertificateKeyFile path/to/domain.key
     ServerName domain.tld
     ServerAdmin webmaster at domain.tld
     DocumentRoot /path/to/webroot
     ErrorLog /path/to/logs/errors.log
     CustomLog /path/to/logs/access.log combined