• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

SSL problem. Please Help!

N

nanashu

Junior Member
I have a Linux server here hosting 2 websites and SSL is giving me problem here. I got the certs already and i tried them out individually and they all work fine if i disable one of the other websites.

However when i tried to run them concurrently, one is working and one is still showing the internet security pop-up saying that the dns name is not same as in the cert - it's being overridden. There is no /proc/network/alias* files in our server which means there's no IP aliasing function here (i assummed). In the httpd.conf and ssl.conf files, they are set to listen *:80, listen *:443; <virtualhost *:80>, <virtualhost *:443>; namevirtualhost *:80, namevirtualhost *:443; respectively. I am thinking that the * sign actually causes the problem but i have no idea how to fix this. All that went to port 80 are redirected to port 443.

Is there any other way i can fix this issue? Thanks in advance.
 
I don't think you can have multiple correctly signed SSL sites on the same web server, on the same port. This is a restriction that exists in IIS, Apache, and every other web server I have seen. You request the cert prior to host headers taking place, so you can ONLY HAVE ONE CERT PER SERVER!
 
SSL doesn't work well with virtual hosts because the SSL handshake is done before the webserver knows what hostname the client expects. The only two options that I know of are to use one wildcard cert for all of the sites or to use a seperate IP for each site.
 
Thanks for the prompt reply y'all. 🙂 About the seperate IP for each site, do you guyz mean that i need to set up a whole new server for the other website? Or i can set it up by modifying *.conf files in my linux server? If i can modified the .conf files, any example of how to do it? Any recommended site that i can get such info from?

I tried googling my problem but it seems to me that the topics searched are too random.

Wildcard cert is the last thing i want to resort to though.

Thanks again.
 
You should just need to modify the way VirtualHosts are setup in the .conf files (to use IP-based virtual hosts instead of name-based virtual hosts, or some combination of the two, I think). More info here http://httpd.apache.org/docs/2.0/vhosts/ I haven't actually done this before so I'm not sure of the exact syntax you want.
 
About the seperate IP for each site, do you guyz mean that i need to set up a whole new server for the other website?
Click to expand...

No, you can generally attach as many IPs as you want to a single interface as long as they're on the same subnet.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top