For enabling SSL for a single domain on a server with muliple vhosts, will this configuration work?
Posted
by
user1322092
on Server Fault
See other posts from Server Fault
or by user1322092
Published on 2012-04-14T21:12:00Z
Indexed on
2012/04/14
23:33 UTC
Read the original article
Hit count: 306
I just purchased an SSL certificate to secure/enable only ONE domain on a server with multiple vhosts. I plan on configuring as shown below (non SNI). In addition, I still want to access phpMyAdmin, securely, via my server's IP address. Will the below configuration work? I have only one shot to get this working in production. Are there any redundant settings?
---apache ssl.conf file---
Listen 443
SSLCertificateFile /home/web/certs/domain1.public.crt
SSLCertificateKeyFile /home/web/certs/domain1.private.key
SSLCertificateChainFile /home/web/certs/domain1.intermediate.crt
---apache httpd.conf file----
...
DocumentRoot "/var/www/html" #currently exists
...
NameVirtualHost *:443 #new - is this really needed if "Listen 443" is in ssl.conf???
...
#below vhost currently exists, the domain I wish t enable SSL)
<VirtualHost *:80>
ServerAdmin [email protected]
ServerName domain1.com
ServerAlias 173.XXX.XXX.XXX
DocumentRoot /home/web/public_html/domain1.com/public
</VirtualHost>
#below vhost currently exists.
<VirtualHost *:80>
ServerName domain2.com
ServerAlias www.domain2.com
DocumentRoot /home/web/public_html/domain2.com/public
</VirtualHost>
#new -I plan on adding this vhost block to enable ssl for domain1.com!
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName www.domain1.com
ServerAlias 173.203.127.20
SSLEngine on
SSLProtocol all
SSLCertificateFile /home/web/certs/domain1.public.crt
SSLCertificateKeyFile /home/web/certs/domain1.private.key
SSLCACertificateFile /home/web/certs/domain1.intermediate.crt
DocumentRoot /home/web/public_html/domain1.com/public
</VirtualHost>
As previously mentioned, I want to be able to access phpmyadmin via "https://173.XXX.XXX.XXX/hiddenfolder/phpmyadmin" which is stored under "var/www/html/hiddenfolder"
© Server Fault or respective owner