Web Hosting Talk : Web Hosting Main Forums : Dedicated Server : Sharing SSL Certificate

[Nology]

I recently installed a Thawte SSL Certificate on my RaQ 550. I now wish to have it set so my other clients can share the certificate as well at something like: https://www.mydomain.com/www.mycustomerdomain.com

I've read other posts here about how to possibly do this, but I can't seem to make any sense of it.

Can anyone please give me some simple instructions as to how this can easily be done?

Thanks in advance.

[Nology]

Can anyone please help with this one???

[Nology]

PLEASE --- Can anybody help me with this?

If not, is someone interested in doing it for me for a rate?

[irlhost]

Try this

https://www.maindomain.com/~accountname/

[Nology]

Thanks, doesn't work. I'm not sure it's that easy.

[ddent]

I personally would recommend NOT doing it that way. Your better off getting a wildcard SSL certificate and doing customerdomain.yourdomain.com. Why? It makes it less likely that you will have problems with users stealing other users' cookies.

[Nology]

I wasn't aware that you could get wildcard SSL's, however given that I have already purchased one for my main domain, how can I get it to share?

[ddent]

I'd recommend looking at mod_rewrite. Maybe you can get a refund for the initial certificate and get a wildcard certificate instead.

[latebowl]

2 ways:

like was already mentioned, give the user an account on your main website that you bought the cert for and give them 10 meg or so. Then they can use the url: https://www.maindomain.com/~accountname/ for secure areas.

or create an alias called secure, exaclty the same way you setup a newsite alias for viewing sites before DNS propagation, and then customers can access their site either by http://www.customersite.com or https://www.maindomain.com/secure/www.customersite.com

Unfortunately both these methods have several pros and cons

[Nology]

Thank you latebowl, I'll give the 2nd option a go.

[latebowl]

no worries mate

the pros and cons I refer to are more regarding using these methods with shopping carts/cookies etc. It's tricky but can be done. There are also bandwidth and stats concerns.

In the end, if the client is using the cert for the purpose of making money, I'd suggest to them to purchase their own cert (they're not that much $) and give them an IP.

Cheers.

[ddent]

*nod* You can get certificates for $49 these days. Once people start getting into doing a fair bit of traffic they'll probably prefer the look of keeping it on their own domain. For small sites though I am sure there is value to a shared certificate.

[Nology]

I have attempted this by adding the following:

AliasMatch ^/secure/([^/]+)(/(.*))? /home/sites/$1/web/$3
to /etc/httpd/conf/httpd.conf

I added it near the bottom, just above:
Include /etc/httpd/conf/vhosts/site1

I'm not sure if this is the correct place or not, however it doesn't work. When I go to https://www.maindomain.com/secure/www.customersite.com all I get is a 403 Forbidden error.

Any ideas??? - By the way I have a RaQ 550

[latebowl]

AliasMatch ^/secure/([^/]+)(/(.*))? /home/sites/$1/web/$3
goes in /etc/httpd/conf/httpd.conf

I have it under the newsite alias line, in the virtual host entry for your main domain with the cert, in between the virtual host tags.

then restart Apache and it should work.

If you have a newsite alias like I mentioned earlier it should work, however I have only done this on RaQ4's.

[Nology]

I have placed AliasMatch ^/secure/([^/]+)(/(.*))? /home/sites/$1/web/$3 in /etc/httpd/conf/httpd.conf and restarted Apache.

Looks like it is different on the RaQ 550's. All my <VirtualHost> tags are '# out'. Just below that my vsites are listed:

Include /etc/httpd/conf/vhosts/site1
Include /etc/httpd/conf/vhosts/site2
etc....

I placed AliasMatch ^/secure/([^/]+)(/(.*))? /home/sites/$1/web/$3 just above this.