Results 1 to 3 of 3
  1. #1

    Shared SSL, multiple domains on single IP

    Am I correct in saying that multiple domains (hosted with various hosting companies) all repointed to a single IP address, cannot make use of a shared SSL certificate installed at that address?

  2. #2
    Join Date
    Nov 2005
    Posts
    352
    Technically they can use the same SSL certificate, however your users will constantly get scary warnings like "hostname doesn't match the SSL certificate" and "people may be trying to steal your information" every time they visit that site.

  3. #3
    Join Date
    Oct 2004
    Location
    Southwest UK
    Posts
    1,159
    I think the way to do it is to host a secure site on a shared domain name (eg mywebhost-secure.com) and then place the secure parts of your customer's sites in there as subdirectories (or subdomains, with a wildcard SSL certificate). If you create symlinks from your customer's ssl directory they won't notice any difference as long as you get the security right.

    Doing this gets round the problem where the cert name doesn't match the site name, but browsers would see the secure url instead of the site they came from. If you name the subdirectory right, it'll be obvious what's happening - eg a visitor to 'mysite.com' gets redirected to the secure pages of mysite.com, it'd show up as 'securehost.com/mysite' instead.

    I think that's the best you can do, you cannot share SSL certificates on a single IP as the encryption has to happen before apache can tell which vhost the browser is looking for, hence its 1 cert to each IP address only.
    Do not meddle in the affairs of Dragons, for you are crunchy and taste good.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •