Apache und SNI um mehrere SSL-Domains mit einer IP zu betreibenApache and SNI to support multiple vhosts with SSL using a single IP

Thanks to Apache’s SNI (Server Name Indication) it is possible to operate multiple SSL-based domains using a single IP. The following setup assumes you have SNI activated and configured correctly. If not, there exist some really good articles describing the steps to do so. See “Further readings” below.

The following example demonstrates how to setup

1.) Enable SNI for port 443: NameVirtualHost *:443

2.) Add (multiple) vhosts:

<VirtualHost *:443>
        ServerName domain.local
        ServerAlias my-domain
        DocumentRoot "/var/www/public"
        
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile "conf/ssl.crt/server.crt"
    SSLCertificateKeyFile "conf/ssl.key/server.key"
    BrowserMatch ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
    CustomLog "logs/ssl_request.log" "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
    
     <Directory "/var/www/public">
       Options Indexes MultiViews FollowSymLinks
       AllowOverride All
       Order allow,deny
       Allow from all
      </Directory>
    </VirtualHost>

Further readings

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *