For years there has been the problem with SSL/HTTPS requiring a separate IP per X.509 certificate. Almost all webservers serving unencrypted plain HTTP/1.1 support a mechanism called name-based virtual hosts which enables a theroeticaly unlimited number of different doamins on on IP. This was not the cast for HTTPS since SNI arrived.
Now it was the time to enable SNI on my Apache 2.2 instance. In fact I changed only the NameVirtualHost directive and enable mod_ssl. I now have NameVirtualHost twice in the global Apache configuration:
NameVirtualHost *:80 NameVirtualHost *:443
Now I only had to add a separate certificate for each virtual host. Works like a charm.
The only documentation I had can be found here:
http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
Add a comment