[mdlug] SSL Certs for Apache Virtual Hosts
Carl T. Miller
carl at carltm.com
Mon Oct 27 17:28:34 EDT 2008
Wojtak, Greg wrote:
> I am setting up some of our intranet sites with ssl certs to keep
> passwords from flying around (virtually speaking) in clear text. I have
> set up several virtual hosts on an apache server with a ServerName and
> ServerAlias directives. The ServerName is set to the FQDN, while the
> ServerAlias is set to the short name. We are using self-signed certs
> (we have our own CA set up in house that the managed workstations
> recognize) on our internal sites. The issue, as I expected, is that
> when I generated the cert, I used the FQDN, so you get a name mismatch
> warning when going to the short-name version of the site. What is the
> best way to set this up so that you don't get a warning when browsing to
> either one? Is there a special way to generate the cert, or do I have
> to set up two vhosts pointing at the same DocumentRoot with two
> different certificates, one for each name? I had hoped not to have to
> do it that way because of having to maintain two vhosts for every site.
The easiest way to do this is to set up apache on port 80
with as many ServerAliases as you can think of. Have a
Redirct statement to send anyone opening a page on port 80
to https://FQDN. This way they can type in any alias and
they are forwarded to the correct hostname and port for SSL.
c
More information about the mdlug
mailing list