Two domain names with SSL on one IP
If you have two different domain names with SSL certificates hosted on one server with one IP address then you will get a warning on the client. Warning is like this: SSL certificate is issued to another domain name. It means that it is not possible to have multiple https virtual hosts on apache web server using one IP address.
If you setup Apache’s VirtualHosts on port 443 on one IP you will get this warning while starting Apache:
[warn] _default_ VirtualHost overlap on port 443, the first has precedence
You can add this line:
This works for multiple domains on one IP on port 80: (in case of warning [warn] _default_ VirtualHost overlap on port 80, the first has precedence):
! BUT in case of port 443 this is not a solution. A client’s browser will still show a warning.
The solution is to get additional IP addresses. One web server can be assigned multiple IP addresses. Find an example how to configure VirtualHosts in Apache to have two domains with SSL below.
Some theory about SSL and connection with web server
HTTPS establishes an SSL connection with the server prior to any HTTP conversation. Since SSL requires a certificate which is linked to the server host name, and the virtual host name hasn’t been transmitted by the client yet, there’s no way short of ESP for the server to tell which SSL certificate to use. But this isn’t an apache server failing so much as a general issue with HTTP/SSL.
Virtual hosts with SSL on Apache web server
This example shows two domains with both 80 and 443 port that will work for http and https.
NameVirtualHost *:80 <VirtualHost *:80> ServerName site1.com ServerAlias www.site1.com ServerAdmin email@example.com DocumentRoot "/var/www/html/site1" </VirtualHost> <VirtualHost ip1:443> ServerName site1.com DocumentRoot "/var/www/html/site1" SSLEngine on SSLCertificateFile /path/to/cert/site1.com.crt SSLCertificateKeyFile /path/to/cert/site1.com.key SSLCertificateChainFile /path/to/cert/bundle1.crt </VirtualHost> <VirtualHost *:80> ServerName site2.com ServerAlias www.site2.com ServerAdmin firstname.lastname@example.org DocumentRoot "/var/www/html/site2" </VirtualHost> <VirtualHost ip2:443> ServerName site2.com DocumentRoot "/var/www/html/site2" SSLEngine on SSLCertificateFile /path/to/cert/site2.com.crt SSLCertificateKeyFile /path/to/cert/site2.com.key SSLCertificateChainFile /path/to/cert/bundle2.crt </VirtualHost>