I am still having issues trying to get multiple valid SSL certificates to work for multiple website domains on the same Apache-Ubuntu server. Client browsers need to successfully validate SSL certificates for Internet Explorer in WinXP, Vista and Win 7, FF on all operating systems, and Safari on Mac OSX.
I tried to ask this question a couple of times previously, but because I didn't articulate my problem well, I got good answers that didn't help me achieve my end goal.
For example, I tried to get multiple SSL to work on a single IP and port(q1) using NameBasedVirtual hosting and SNI(q2).
But the problem is that it doesn't work for some of the older browsers like Internet Explorer 7 on Windows XP (works fine in IE7 on Windows Vista).
So then I tried something I think is called IP aliasing. I purchased a new IP address 2.2.2.2. Now I have two: 1.1.1.1 and 2.2.2.2. I issued the following shell commands to add 2.2.2.2 to my server:
john@server> ifconfig eth0:1 2.2.2.2 netmask 255.255.255.0
john@server> route add -host 2.2.2.2 dev eth0:1
And I made sure the following two lines existed in my /etc/hosts file
1.1.1.1 john1
2.2.2.2 john2
I then set up my vhost files exactly as shown in q1. I restarted Apache but all my websites came through on the 1.1.1.1 IP instead of the 2.2.2.2 IP. As a result IE7 on Win XP threw a "certificate can't be trusted" error. When I changed any of the
So I'm back to my original problem. Where can I find a working step-by-step guide on how to set up multiple SSL on the same apache-ubuntu server? Can anyone help me troubleshoot this problem?
Thanks
Answer
Ok i figured out my problem. I needed to go to the zone file/dns manager and point each domain to their respective A record IP address (eg. site2.com to 2.2.2.2). After that, the VirtualHost files were able to recognize
and
That way, Apache could then start associating each domain name to their respective IP address.
No comments:
Post a Comment