Correctly Serving SSL Certificate for Multiple Domains on the Same Server if You have Multiple IPs


In this post, I talked about setting up a second SSL certificate for a second domain hosted on the same VPS server. The website whynopadlock.com verifies both domains as having a correct SSL certificate (SSL Certificates – Comodo PositiveSSL) installed.

However, the test shown for justyy.com says “This site works only in browsers with SNI support.”

https://www.ssllabs.com/ssltest/analyze.html?d=justyy.com

but it shows OK for https://www.ssllabs.com/ssltest/analyze.html?d=helloacm.com

Quickhost Support: “This issue is related to the configuration of the web server service you are running on the VPS. Either Apache, Nginx, TomCat etc. The issue you see is your software not serving the correct SSL certificate. You will need 1 IP for each site with SSL. Then you will need to configure web server “Apache ?” to listen on that IP on port 443 (standard HTTPS port) for each site's SSL vhost entry, not to be confused with the HTTP vhost entries.”

Quickhost Support replies: “If you are using SNI then you are sharing the IP. If not configured correctly the wrong SSL will be served. Perhaps the SSL from the default or first vhost? I guess you have 1 IP as VPS default IP and 1 IP for the other site. So currently Apache or whichever web server you are using is sharing 1 IP as a standard vhost and a SSL vhost. Unfortunately as this is not a managed VPS there is not much else we can do as we have no visibility over the configuration. Please understand that this is a common issue and is not related to the SSL certificate but rather a web server config issue.”

Finally, I resolved this issue by changing <VirtualHost *:443> to <VirtualHost 78.157.*.*:443> in /etc/apache2/sites-enabled/justyy.com.conf and restarting the apache2 server with either of:

sudo /etc/init.d/apache2 restart  # or
sudo service apache2 restart

SNI (Server Name Indication) is a technique that enables SSL on a shared IP. It isn’t supported by IE6-IE8 on XP (very few users nowadays), but it is better to get rid of the warning, especially if you have purchased a second IP for SSL on the second domain. Why waste it?
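To see why binding the vhost to its own IP removes the SNI dependency, here is an added example (not code from the original post) that models Apache's vhost selection in simplified form. The 203.0.113.x addresses, certificate paths and function names are constructed placeholders.

```python
import re

# Constructed config: IPs (RFC 5737 range) and certificate paths are placeholders.
TEMPLATE = """
<VirtualHost *:443>
    ServerName helloacm.com
    SSLCertificateFile /etc/ssl/certs/helloacm.com.crt
</VirtualHost>
<VirtualHost {addr}:443>
    ServerName justyy.com
    SSLCertificateFile /etc/ssl/certs/justyy.com.crt
</VirtualHost>
"""
SHARED = TEMPLATE.format(addr="*")                # before: both sites on *:443
DEDICATED = TEMPLATE.format(addr="203.0.113.20")  # after: justyy.com on its own IP

VHOST_RE = re.compile(r"<VirtualHost\s+([^>\s]+)\s*>(.*?)</VirtualHost>", re.S | re.I)

def _directive(body, name):
    m = re.search(rf"^\s*{name}\s+(\S+)", body, re.M | re.I)
    return m.group(1) if m else None

def parse_vhosts(conf):
    """Return SSL vhosts in file order (order decides the default vhost)."""
    vhosts = []
    for addr, body in VHOST_RE.findall(conf):
        ip, _, port = addr.rpartition(":")
        vhosts.append({"ip": ip, "port": port,
                       "name": _directive(body, "ServerName"),
                       "cert": _directive(body, "SSLCertificateFile")})
    return vhosts

def served_cert(conf, dest_ip, sni=None, port="443"):
    """Simplified model of Apache vhost matching (ServerAlias is ignored):
    an exact IP:port match beats *:port; within that set the SNI name picks
    the vhost, and a client that sends no SNI gets the first one listed."""
    vhosts = [v for v in parse_vhosts(conf) if v["port"] == port]
    matched = ([v for v in vhosts if v["ip"] == dest_ip]
               or [v for v in vhosts if v["ip"] in ("*", "_default_")])
    if not matched:
        return None
    for v in matched:
        if sni and v["name"] and v["name"].lower() == sni.lower():
            return v["cert"]
    return matched[0]["cert"]

if __name__ == "__main__":
    for label, conf in (("shared *:443", SHARED), ("dedicated IP", DEDICATED)):
        print(label, "-> non-SNI client on 203.0.113.20 gets",
              served_cert(conf, "203.0.113.20"))
```

With the shared config a client that sends no SNI is handed the first vhost's certificate, which is the mismatch the support reply describes; with the dedicated IP the second site's certificate is selected by address alone.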

–EOF (The Ultimate Computing & Technology Blog) —
