Wednesday, July 23, 2014

Multiple SSL certificate support in apache with single IP - (SNI)

We mostly work on apache SSL and observed that we require multiple IP address for hosting multiple SSL websites ( with different SSL certificates). Here I found one TLS extension for apache named SNI stands for Server Name Indication. Using this we can host multiple SSL website in a single apache with single IP address.


NameVirtualHost *:443

SSLStrictSNIVHostCheck off

 DocumentRoot /var/www/html/web1
 SSLEngine ON
 SSLCertificateFile /etc/httpd/certs/web1/server.crt
 SSLCertificateKeyFile /etc/httpd/certs/web1/server.key
 ErrorLog /var/www/vhosts/web1/logs/error.log
 CustomLog /var/www/vhosts/web1/logs/access.log common

 DocumentRoot /var/www/html/web2
 SSLEngine ON
 SSLCertificateFile /etc/httpd/certs/web2/server.crt
 SSLCertificateKeyFile /etc/httpd/certs/web2/server.key
 ErrorLog /var/www/vhosts/web2/logs/error.log
 CustomLog /var/www/vhosts/web2/logs/access.log common


  1. but One IP address to host multiple sites using ssl .. is there any disadvantage?


Which operating system you like most?