Currently the general rule when using SSL is that you will need one IP for each hostname you want to secure. This will all change once TLS2.0 is widely adopted. For the time being, if you are lucky enough to only want to secure multiple subdomains of the same domain with a wildcard SSL cert, then keep reading below.

1. Ensure that your Apache config includes:

NameVirtualHost *:443

2. Your vhosts:

<VirtualHost *:443>
    ServerName subdomain1.example.com
    ……
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
    # Same wildcard certificate and key in every vhost
    SSLCertificateFile /path/to/your/ssl.crt
    SSLCertificateKeyFile /path/to/your/ssl.key
    ……
</VirtualHost>
<VirtualHost *:443>
    ServerName subdomain2.example.com
    ……
    SSLEngine on
    SSLProtocol all -SSLv2
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
    # Same wildcard certificate and key in every vhost
    SSLCertificateFile /path/to/your/ssl.crt
    SSLCertificateKeyFile /path/to/your/ssl.key
    ……
</VirtualHost>

If my understanding of Apache is correct, it will enter the first virtual host it finds that is SSL in this case and use the certificate details in there to decrypt the request. If the hostname does not match at that point, it will move along to the next virtual host that it can match and try there.
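
An added example (not from the original post): a Python check that every name served by the `*:443` vhosts is actually covered by the wildcard certificate, since `*` stands for exactly one leftmost label and so covers neither the bare domain nor deeper subdomains. The sample config, its `ServerAlias` line and the certificate name `*.example.com` are constructed for illustration, and the check assumes the certificate carries that single wildcard name.

```python
import re

# Constructed sample: the two vhosts from the post, plus two alias names
# that a wildcard certificate does NOT cover.
SAMPLE_CONF = """
<VirtualHost *:443>
ServerName subdomain1.example.com
</VirtualHost>
<VirtualHost *:443>
ServerName subdomain2.example.com
ServerAlias example.com deep.subdomain1.example.com
</VirtualHost>
"""

def wildcard_matches(pattern, hostname):
    """RFC 6125-style match: '*' stands for exactly one whole leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        # Require at least two fixed labels after the wildcard.
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def vhost_names(conf):
    """Yield every ServerName/ServerAlias value inside *:443 vhost blocks."""
    in_ssl = False
    for line in conf.splitlines():
        line = line.strip()
        if re.match(r"<VirtualHost\s+[^>]*:443>", line, re.I):
            in_ssl = True
        elif re.match(r"</VirtualHost>", line, re.I):
            in_ssl = False
        elif in_ssl:
            m = re.match(r"(ServerName|ServerAlias)\s+(.+)", line, re.I)
            if m:
                yield from m.group(2).split()

def uncovered(conf, cert_name):
    """Return the vhost names the certificate name does not cover."""
    return [n for n in vhost_names(conf) if not wildcard_matches(cert_name, n)]

if __name__ == "__main__":
    for name in uncovered(SAMPLE_CONF, "*.example.com"):
        print("not covered by certificate:", name)
```

Any name it reports would produce a certificate mismatch warning in the browser even though Apache serves the vhost.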
