[mdlug] SSL Certs for Apache Virtual Hosts
Dan Pritts
danno at umich.edu
Mon Oct 27 17:17:36 EDT 2008
in my experience the server name *has* to match the name in the
certificate or you'll get browser warnings.
To achieve this you'll have to set up multiple virtual hosts, each
with its own IP address.
To make your config simpler you might consider making the
"alias" names all just redirect to the "real" names.
On Mon, Oct 27, 2008 at 01:30:19PM -0400, Wojtak, Greg wrote:
> I am setting up some of our intranet sites with ssl certs to keep
> passwords from flying around (virtually speaking) in clear text. I have
> set up several virtual hosts on an apache server with a ServerName and
> ServerAlias directives. The ServerName is set to the FQDN, while the
> ServerAlias is set to the short name. We are using self-signed certs
> (we have our own CA set up in house that the managed workstations
> recognize) on our internal sites. The issue, as I expected, is that
> when I generated the cert, I used the FQDN, so you get a name mismatch
> warning when going to the short-name version of the site. What is the
> best way to set this up so that you don't get a warning when browsing to
> either one? Is there a special way to generate the cert, or do I have
> to set up two vhosts pointing at the same DocumentRoot with two
> different certificates, one for each name? I had hoped not to have to
> do it that way because of having to maintain two vhosts for every site.
>
> TIA,
>
> Greg Wojtak
> _______________________________________________
> mdlug mailing list
> mdlug at mdlug.org
> http://mdlug.org/mailman/listinfo/mdlug
danno
--
dan pritts
danno at umich.edu
734-929-9770
More information about the mdlug
mailing list