I have the domain example.com with the subdomains : www.example.com and a.example.com. Let's suppose that I can't buy a wildcard certificate but, I bought the certificates for example.com and www.example.com. Now I bought the certificate for a.example.com. The site and it's subdomains are in the same folder, using one Apache vhost file and subdomains are defined as aliases.
- Can I merge the certificates into one file ?
- What if I used the same key, csr files to generate the certificates ?
- Is the ONLY solution to declare the sites in two different vhosts ?
Best Answer
No, only one leaf certificate is supported. Although from version 2.4.8 the
SSLCertificateFile
directive allows multiple certificates in that file, that is only to include intermediate CA certificates, sorted from leaf to root, as a replacement for theSSLCertificateChainFile
directive.The
SSLCertificateFile
directive can be used multiple times (referencing different filenames) when an RSA, a DSA, and an ECC based server certificate is used in parallel. But you can't use multipleSSLCertificateFile
directives to load a certificate for theServerName
and an extra for the ServerAlias.Still no.
If you have two certificates you need two SSL VirtualHosts.