SSL – One vhost, multiple certificates

Tags: apache-2.4, ssl, ssl-certificate, subdomain, virtualhost

I have the domain example.com with the subdomains www.example.com and a.example.com. Let's suppose that I can't buy a wildcard certificate, but I bought the certificates for example.com and www.example.com. Now I bought the certificate for a.example.com. The site and its subdomains are in the same folder, using one Apache vhost file, and the subdomains are defined as aliases.

  1. Can I merge the certificates into one file?
  2. What if I used the same key, csr files to generate the certificates?
  3. Is the ONLY solution to declare the sites in two different vhosts?

Best Answer

Can I merge the certificates into one file?

No, only one leaf certificate is supported. Although from version 2.4.8 the SSLCertificateFile directive allows multiple certificates in that file, that is only to include intermediate CA certificates, sorted from leaf to root, as a replacement for the SSLCertificateChainFile directive.

The SSLCertificateFile directive can be used multiple times (referencing different filenames) when an RSA, a DSA, and an ECC based server certificate is used in parallel. But you can't use multiple SSLCertificateFile directives to load a certificate for the ServerName and an extra for the ServerAlias.

What if I used the same key, csr files to generate the certificates?

Still no.

Is the ONLY solution to declare the sites in two different vhosts?

If you have two certificates you need two SSL VirtualHosts.
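The two-vhost layout described in the answer, as an added example that is not part of the original answer. It assumes one certificate covers both example.com and www.example.com (if those are separate certificates, each name needs its own vhost); the DocumentRoot and all file paths are placeholders.

```apache
# Constructed example: paths and DocumentRoot are placeholders.

# vhost 1: certificate issued for example.com and www.example.com
<VirtualHost *:443>
    ServerName example.com
    ServerAlias www.example.com
    DocumentRoot /var/www/example

    SSLEngine on
    # From 2.4.8 this file may contain the leaf certificate followed by
    # the intermediate CA certificates, sorted from leaf to root.
    SSLCertificateFile    /etc/ssl/example/example.com.fullchain.pem
    SSLCertificateKeyFile /etc/ssl/example/example.com.key
</VirtualHost>

# vhost 2: separate certificate for a.example.com, same content.
# a.example.com is no longer a ServerAlias of vhost 1.
<VirtualHost *:443>
    ServerName a.example.com
    DocumentRoot /var/www/example

    SSLEngine on
    SSLCertificateFile    /etc/ssl/example/a.example.com.fullchain.pem
    SSLCertificateKeyFile /etc/ssl/example/a.example.com.key
</VirtualHost>
```

Apache picks the vhost, and with it the certificate, from the hostname the client sends via SNI, so a client that sends no SNI gets the first vhost's certificate. `apachectl configtest` checks the syntax and `apachectl -S` lists the resulting name-based vhosts.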