Possible Duplicate:
Multiple SSL domains on the same IP address and same port?

I am trying to set up SSL certificates for my two domains on one Apache web server. I do have two certificates for my two domains.

I have created two virtual hosts for my two domains:

    <VirtualHost *:443>
        NameVirtualHost *:443
        ServerName domain1.com
        ...
        ..
        SSLCertificateFile /etc/pki/tls/certs/domain1.cer
        SSLCertificateKeyFile /etc/pki/tls/private/domain1.pem
        ..
    </VirtualHost>

    <VirtualHost *:443>
        NameVirtualHost *:443
        ServerName domain2.com
        ...
        SSLCertificateFile /etc/pki/tls/certs/domain2.cer
        SSLCertificateKeyFile /etc/pki/tls/private/domain2.pem
        ..
        ..
    </VirtualHost>

The SSL certificate loads and shows a valid certificate for domain1, but on visiting domain2, it loads the domain1 certificate only.

What more changes do I need to make for this to work?

Ankit

1 Answer

"As a rule, it is impossible to host more than one SSL virtual host on the same IP address and port. This is because Apache needs to know the name of the host in order to choose the correct certificate to setup the encryption layer. But the name of the host being requested is contained only in the HTTP request headers, which are part of the encrypted content. It is therefore not available until after the encryption is already negotiated. This means that the correct certificate cannot be selected, and clients will receive certificate mismatch warnings and be vulnerable to man-in-the-middle attacks." -- http://wiki.apache.org/httpd/NameBasedSSLVHosts

Stone
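
The ordering described in the quoted passage can be traced with a small model. This is an added example, not code from the post or from Apache: the function names are hypothetical, the vhost entries are constructed stand-ins for the question's configuration, and 192.0.2.10 is a documentation-range address chosen for illustration.

```python
# Constructed stand-ins for the two vhosts in the question, in config order.
# "cert_names" plays the role of the names inside each certificate file.
VHOSTS = [
    {"addr": ("*", 443), "server_name": "domain1.com", "cert_names": ["domain1.com"]},
    {"addr": ("*", 443), "server_name": "domain2.com", "cert_names": ["domain2.com"]},
]

def addr_matches(vhost_addr, ip, port):
    v_ip, v_port = vhost_addr
    return v_port == port and v_ip in ("*", ip)

def cert_at_handshake(vhosts, ip, port):
    """Phase 1: only the local IP and port are known, so the first vhost
    bound to that address supplies the certificate."""
    for vh in vhosts:
        if addr_matches(vh["addr"], ip, port):
            return vh
    return None

def vhost_for_request(vhosts, ip, port, host_header):
    """Phase 2: the Host header is readable only after decryption."""
    candidates = [vh for vh in vhosts if addr_matches(vh["addr"], ip, port)]
    for vh in candidates:
        if vh["server_name"] == host_header.lower():
            return vh
    return candidates[0] if candidates else None

def name_matches(cert_name, host):
    """Exact match, or a single left-most wildcard label (*.example.com)."""
    cert_name, host = cert_name.lower(), host.lower()
    if cert_name.startswith("*."):
        return "." in host and host.split(".", 1)[1] == cert_name[2:]
    return cert_name == host

def audit(vhosts, ip, port, hosts):
    """Return {host: (name on served cert, vhost that handles request, ok?)}."""
    report = {}
    for host in hosts:
        served = cert_at_handshake(vhosts, ip, port)
        handler = vhost_for_request(vhosts, ip, port, host)
        ok = any(name_matches(n, host) for n in served["cert_names"])
        report[host] = (served["server_name"], handler["server_name"], ok)
    return report

if __name__ == "__main__":
    for host, row in audit(VHOSTS, "192.0.2.10", 443, ["domain1.com", "domain2.com"]).items():
        print(host, row)
```

Giving each vhost its own address in `VHOSTS` (for example `("192.0.2.10", 443)` and `("192.0.2.11", 443)`) makes the audit pass for both names, which is the case the quoted rule leaves open.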