I have two different sites, foo.com and bar.com, each running on a different (virtual) machine. Each has an SSL-enabled Ruby-on-Rails site running as follows:
# foo.com:/etc/apache2/sites-availables/foo.com.conf:
<VirtualHost *:80>
ServerName foo.com
ServerAlias www.foo.com
DocumentRoot /var/www/apps/foo.com/current/public
</VirtualHost>
<VirtualHost *:443>
ServerName foo.com
ServerAlias www.foo.com
DocumentRoot /var/www/apps/foo.com/current/public
SSLEngine On
SSLCertificateKeyFile /etc/apache2/ssl/foo.com.key
SSLCertificateFile /etc/apache2/ssl/WWW.FOO.COM.crt
SSLCertificateChainFile /etc/apache2/ssl/Apache_Plesk_Install.txt
</VirtualHost>
(Replace "foo.com" with "bar.com" as appropriate.)
I am in the process of merging the two code-bases in order to ease ease between users of foo.com and bar.com. Eventually they will both reside on the same server (foo.com) and both domain names will point to the same IP. The single server will be perfectly capable of handling the traffic from both sites -- they only get on order of a few dozen unique users each day, with peak load in the hundreds or low thousands.
The following is my proposed checklist of things to do for the merge. My question is: what am I forgetting?
- copy the private key, certificate, and certificate chain file from
bar.com:/etc/apache2/ssl/*tofoo.com:/etc/apache2/ssl/bar.com/* - copy the bar.com site configuration from
bar.com:/etc/apache2/sites-available/bar.com.conftofoo.com:/etc/apache2/sites-available/bar.com/confand edit the SSL configuration as per the previous point - (possibly change the foo.com SSL configuration to look more like the new bar.com ones)
- restart Apache on foo.com
- change the bar.com name listing to an alias to foo.com
Will that work? Will users get the right certificates or will they see certificate warnings?
