1

I have two different domains - thisdomain.com and otherdomain.com, we can't do anything with wildcards here.

  • The domains have their own SSL certificates.
  • The domains both have their own separate IP addresses.

My customer ideally wants to use both these domains on the same site on Apache. With non-SSL access this is no problem because I just add the requisite host headers.

I am aware of SAN certificates as described in this answer, but the customer wants to keep both domains on different IP addresses.

I know I can have two different virtual hosts pointing to the same content, but can it be done using just one virtual host?

I can do this on IIS7, but just wondered if Apache can do this as well.

Community
  • 1
Kev
  • 7,877
  • 18
  • 81
  • 108
  • 2
    Just playing devil's advocate here... why can't you use two virtual hosts? – iainlbc Aug 19 '11 at 18:17
  • And well played. But as I said, *customer requirement* was to have a single host. I also wanted to know the extent of Apache's capabilities in this respect so it can be documented for end users. – Kev Aug 19 '11 at 20:20

2 Answers2

2

No; a given VirtualHost block can only have a single SSL certificate configured. Architecturally, an SSL certificate in Apache is assigned to the VirtualHost, which then attaches to the ports, instead of the IIS way of attaching an SSL cert to a specific binding.

While you could attach the VirtualHost to both addresses easily, there's no way to present a different SSL cert on the separate IPs without doing separate vhosts.

Shane Madden
  • 114,520
  • 13
  • 181
  • 251
1

Actually, you can do this with UCC certs quite easily (one cert that covers multiple domains). But in practice, if you've already got the certs and IPs, just use two vhosts.

MrTuttle
  • 1,176
  • 5
  • 5
  • He mentioned that the client was uninterested in using a SAN certificate in the question, because of the desire to keep the sites on separate addresses. But, there's no reason that you couldn't still use 2 addresses with a SAN cert, so that's a moot point.. If there's a need to keep everything in a single vhost for some reason, I like this approach; +1. – Shane Madden Aug 19 '11 at 19:14
  • Indeed I do know all about SAN certs, but I just didn't know if Apache was capable of supporting more than one SSL per virtual host and wanted a definitive answer. – Kev Aug 19 '11 at 20:24