[CentOS] SSL and virtual hosts?

Mon Sep 21 08:59:56 UTC 2009
Christoph Maser <cmr at financial.com>

Am Sonntag, den 20.09.2009, 16:27 +0200 schrieb Benjamin Franz:
>
>
> Christoph Maser wrote:
> > Am Sonntag, den 20.09.2009, 11:36 +0200 schrieb Niki Kovacs:
> >
> >> Hi,
> >>
> >> I successfully managed to use SSL on a local webserver for testing
> >> purposes, following the section "Using SSL" in the Chapter "Using
> >> Apache" of the "Definitive Guide to CentOS". Now I wonder: how can I use
> >> SSL with virtual hosts?
> >>
> >
> > You can't. At least not with name based virtual hosts and classic SSL.
> > See http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts.
> >
> That is outdated information. There are at least two ways to use virtual
> hosts with SSL on Apache.
>
> 1) Use a wildcard cert. You can use *.somedomain certs to serve multiple
> SSL domains on a single IP so long as they fit in the *.somedomain pattern.
>
> 2) Use the SNI extension.
> http://hvera.wordpress.com/2009/09/02/apache-ssl-with-virtual-hosts-using-sni/
>
> Note, however, that SNI does not work with older version of MSIE.


I don't consider both options as usable as 1) will not work for
different domains and 2) is not compatible with old clients. So in my
opinion the information I gave is not outdated at all and actually will
never be.


financial.com AG

Munich head office/Hauptsitz München: Maria-Probst-Str. 19 | 80939 München | Germany
Frankfurt branch office/Niederlassung Frankfurt: Messeturm | Friedrich-Ebert-Anlage 49 | 60327 Frankfurt | Germany
Management board/Vorstand: Dr. Steffen Boehnert (CEO/Vorsitzender) | Dr. Alexis Eisenhofer | Dr. Yann Samson | Matthias Wiederwach
Supervisory board/Aufsichtsrat: Dr. Dr. Ernst zur Linden (chairman/Vorsitzender)
Register court/Handelsregister: Munich – HRB 128 972 | Sales tax ID number/St.Nr.: DE205 370 553