Results 1 to 7 of 7
-
04-03-2004, 05:29 AM #1Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 655
How to setup SSL for Virtual Domains?
I want my virtual domain customers to be able to access a folder inside their home directory as https://www.hisdomain.com .
1) I have created a folder https-docs inside their home directory.
Now how do i map this in httpd.conf so that when someone types
https://www.hisdomain.com the index page in the https-docs folder opens up?
2) Is it necessary to generate a RSA private key and a CSR for each domain i want to setup https for?
3) I do not have many ips, can the https be enabled for Virtual Hosts without having to allocate a separate IP for each vhost?
4) Is it necessary that i have a SSL Certificate installed for each domain i want to enable https for?
5) I am running Red Hat Enterprise Linux ES release 2.1 and apache-1.3.27-6.ent . I have following SSL packages installed;
openssl-devel-0.9.6b-36
mod_ssl-2.8.12-3
openssl-0.9.6b-36
6) Do i need the Apache-SSL package to support HTTPS on virtual domains ?
7) My objective is just to have https enabled for all my customer domains to point to a secure folder on their hosted domains without having to setup SSL certificate for each.
8) Why do you need SSL certificate?
9) My /etc/httpd/conf/ssl.key has following files;
server.key snakeoil-ca-dsa.key snakeoil-ca-rsa.key snakeoil-dsa.key snakeoil-rsa.key
and /etc/httpd/conf/ssl.crt has following files;
Makefile.crt ca-bundle.crt server.crt snakeoil-ca-dsa.crt snakeoil-ca-rsa.crt snakeoil-dsa.crt snakeoil-rsa.crt
and /etc/httpd/conf/ssl.crl has following files;
snakeoil-ca-dsa.prm snakeoil-dsa.prm
What are these SNAKEOIL files?
What do i need them for?
Please help!Last edited by hostchamp; 04-03-2004 at 05:36 AM.
-
04-03-2004, 06:53 AM #2Junior Guru Wannabe
- Join Date
- Feb 2004
- Posts
- 82
To do it for the customer's domains, you need to generate a certificate signing request (CSR), get is signed by a proper authority, and then set it up on a dedicated IP. It has to be a dedicated IP as with HTTPS the address of the site being requested isn't sent until AFTER the certificate has been set up so the web server can't tell which certificate to send out. This is obviously impractical for lots of virtual hosts, as it would mean having large amounts of (increasingly scarce) ip addresses and a lot of hassle and expense (as the authorities don't sign the certificates for free).
Your best bet for setting this sort of thing up therefore is to have something similar to the following:
https://ssl.your-company-domain.com/~customername/
Then you only need one SSL certificate and one IP.
-
04-04-2004, 03:49 PM #3Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 655
is there any tutorial on how to set this up as per my server setup mentioned above?
-
04-05-2004, 01:44 PM #4Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 655
anyone?
-
04-06-2004, 05:17 AM #5Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 655
pls can a webhosting guru answer my post?
-
04-07-2004, 03:41 AM #6Junior Guru Wannabe
- Join Date
- Aug 2003
- Posts
- 95
Check it out.m Dunno it will help you or not...
http://freessl.com/resources/guides/...per/index.html
-
04-07-2004, 12:07 PM #7Web Hosting Master
- Join Date
- Aug 2002
- Posts
- 655
thanks EasyOne, chkin,
does anyone has any pther feedback for above?