Can I use a single certificate for two domains which are hosted on the same VPS that is using one IP address?
Asked
Active
Viewed 1,117 times
3 Answers
4
Use the NameVirtualHost directive :
NameVirtualHost *:443
define your vhosts:
<VirtualHost *:443>
ServerName www.studyhat.blogspot.com
DocumentRoot "/opt/apache22/htdocs/siteA"
SSLCertificateFile "/path/to/my/cert"
SSLCertificateKeyFile "/path/to/my/key"
</VirtualHost>
<VirtualHost *:443>
ServerName www.studyhat.wordpress.com
DocumentRoot "/opt/apache22/htdocs/siteB"
SSLCertificateFile "/path/to/my/cert"
SSLCertificateKeyFile "/path/to/my/key"
</VirtualHost>
neolix
- 528
- 7
- 20
3
Yes it is possible. This is called a Unified Communication Certificate. Refer to this wikipedia article.
Lucas Kauffman
- 16,880
- 9
- 58
- 93
-
I was about to answer no, citing the TLS handshake occuring prior to the http request being made, those UC certs are new on me, thanks for the info. – Oneiroi Mar 19 '12 at 16:44
-
@Oneiroi Even without subject alternate names or a wildcard cert, there's a widely deployed TLS extension to indicate hostname. – Shane Madden Mar 20 '12 at 01:20
0
As detailed in this answer, you essentially get 3 options:
- Using a wildcard certificate: a certificate issued for
*.example.comthat would matchwww1.example.comandwww2.example.com. Beware*.example.comwill not matchexample.com. In addition, their usage is generally discouraged (see RFC 6215). - Using a certificate with multiple Subject Alternative Name entries. There should be one entry per host. This is generally widely supported. How they're called commercially will depend on the CA (they're sometimes called UCC).
- Using multiple certificates via the Server Name Indication extension (allowing you to have multiple
VirtualHost *:443with distinctServerNames andSSLCertificateconfiguration). This is not supported for any version of IE on Windows XP and may cause problem with some mobile browsers too.
