Ssl – Separate SSL certificate selection from virtual host configuration in apache

apache-2.2 sni ssl virtualhost

Currently, my apache configuration includes one SSL certificate (with all domains listed as Alternative Subject Names). I furthermore have one virtual host configuration per domain that serves both SSL and non-SSL requests. All this happens on one public IP.

I’d like to switch to multiple SSL certificates, one per domain, using Subject Name Indication. I know it is possible if I duplicate all vhost configuration entries, once for port 80 and once for port 443 with SSL (as already discussed on SF).

But I would rather have something that resembles my current setup, with these features:

  • All SSL related configuration in one place. In the best case a statement telling apache „Use all SSL certificates in this directory, and for each HTTP request, pick the right one based on the SNI information“
  • Virtual host configuration non-duplicated and with no special mention of SSL at all.
  • Possibility to serve many domain names with one virtual host configuration, while still having separate certificates for each.

Is that possible?

Best Answer

There's no getting around the structure of virtual hosts that Apache needs to support this configuration; the <VirtualHost> blocks need to exist and need to contain the config directives to set up the listeners.

The best you can do is something like this:

<VirtualHost *:80>
  # Give this file the directives like ServerName and DocumentRoot that
  # are the same between 80 and 443:
  Include /etc/confdir/domain-a.conf
</VirtualHost>
<VirtualHost *:443>
  # Same file as above, so config will be "shared"
  Include /etc/confdir/domain-a.conf
  # SSL directives for this domain (SSLEngine, cert config) in this file:
  Include /etc/confdir/ssl/domain-a-ssl.conf
</VirtualHost>
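
The paired blocks above can be generated from the directory contents instead of being written by hand, which keeps every SSL file under one directory. This is an added example, not part of the original answer; the function name `gen_vhosts` and the `<name>.conf` / `ssl/<name>-ssl.conf` naming are assumptions generalised from the answer's `domain-a` paths.

```shell
#!/bin/sh
# Added example (not from the original answer).
# Assumed layout, generalised from the answer's paths:
#   $confdir/<name>.conf          shared directives (ServerName, DocumentRoot, ...)
#   $confdir/ssl/<name>-ssl.conf  SSL directives (SSLEngine, cert config)

gen_vhosts() {
    confdir=$1
    # The glob expands in sorted order. Apache treats the first *:443 vhost it
    # reads as the default for clients that send no SNI name, so the
    # alphabetically first domain with an SSL file ends up in that role.
    for shared in "$confdir"/*.conf; do
        [ -f "$shared" ] || continue
        name=$(basename "$shared" .conf)
        ssl="$confdir/ssl/$name-ssl.conf"

        printf '<VirtualHost *:80>\n  Include %s\n</VirtualHost>\n' "$shared"

        if [ -f "$ssl" ]; then
            printf '<VirtualHost *:443>\n  Include %s\n  Include %s\n</VirtualHost>\n' \
                "$shared" "$ssl"
        else
            # Make a domain that is served over plain HTTP only visible in the
            # generated file instead of silently emitting nothing for port 443.
            printf '# %s: no %s, port 443 vhost skipped\n' "$name" "$ssl"
        fi
    done
}

# Stand-alone use: pass the config directory as the first argument.
if [ "$#" -gt 0 ]; then
    gen_vhosts "$1"
fi
```

Redirect the output into a file that the main Apache configuration includes, and regenerate it whenever a domain or its SSL file is added or removed.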