Results 1 to 7 of 7
  1. #1
    Join Date
    Aug 2002
    Posts
    655

    How to setup SSL for Virtual Domains?

    I want my virtual domain customers to be able to access a folder inside their home directory as https://www.hisdomain.com .

    1) I have created a folder https-docs inside their home directory.
    Now how do i map this in httpd.conf so that when someone types
    https://www.hisdomain.com the index page in the https-docs folder opens up?

    2) Is it necessary to generate a RSA private key and a CSR for each domain i want to setup https for?

    3) I do not have many ips, can the https be enabled for Virtual Hosts without having to allocate a separate IP for each vhost?

    4) Is it necessary that i have a SSL Certificate installed for each domain i want to enable https for?

    5) I am running Red Hat Enterprise Linux ES release 2.1 and apache-1.3.27-6.ent . I have following SSL packages installed;
    openssl-devel-0.9.6b-36
    mod_ssl-2.8.12-3
    openssl-0.9.6b-36

    6) Do i need the Apache-SSL package to support HTTPS on virtual domains ?

    7) My objective is just to have https enabled for all my customer domains to point to a secure folder on their hosted domains without having to setup SSL certificate for each.

    8) Why do you need SSL certificate?

    9) My /etc/httpd/conf/ssl.key has following files;
    server.key snakeoil-ca-dsa.key snakeoil-ca-rsa.key snakeoil-dsa.key snakeoil-rsa.key

    and /etc/httpd/conf/ssl.crt has following files;
    Makefile.crt ca-bundle.crt server.crt snakeoil-ca-dsa.crt snakeoil-ca-rsa.crt snakeoil-dsa.crt snakeoil-rsa.crt

    and /etc/httpd/conf/ssl.crl has following files;
    snakeoil-ca-dsa.prm snakeoil-dsa.prm

    What are these SNAKEOIL files?

    What do i need them for?

    Please help!
    Last edited by hostchamp; 04-03-2004 at 05:36 AM.

  2. #2
    To do it for the customer's domains, you need to generate a certificate signing request (CSR), get is signed by a proper authority, and then set it up on a dedicated IP. It has to be a dedicated IP as with HTTPS the address of the site being requested isn't sent until AFTER the certificate has been set up so the web server can't tell which certificate to send out. This is obviously impractical for lots of virtual hosts, as it would mean having large amounts of (increasingly scarce) ip addresses and a lot of hassle and expense (as the authorities don't sign the certificates for free).

    Your best bet for setting this sort of thing up therefore is to have something similar to the following:

    https://ssl.your-company-domain.com/~customername/

    Then you only need one SSL certificate and one IP.

  3. #3
    Join Date
    Aug 2002
    Posts
    655
    is there any tutorial on how to set this up as per my server setup mentioned above?

  4. #4
    Join Date
    Aug 2002
    Posts
    655
    anyone?

  5. #5
    Join Date
    Aug 2002
    Posts
    655
    pls can a webhosting guru answer my post?

  6. #6
    Join Date
    Aug 2003
    Posts
    95

    Talking

    Check it out.m Dunno it will help you or not...

    http://freessl.com/resources/guides/...per/index.html

  7. #7
    Join Date
    Aug 2002
    Posts
    655
    thanks EasyOne, chkin,

    does anyone has any pther feedback for above?

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •