Question

Multiple SSL websites with differtent certificates on one droplet (LAMP setup)

  • Posted July 7, 2014

I was searching for multiple IPs connected to one droplet to enable SSL but then read that this would not be nessecary and that there would be coming a guide on how to setup SSL for multiple domains on one droplet.

I have an apache webserver, also virtualmin installed. I would like to have SSL (different certificates) for 2 virtual servers on this droplet.

Is this possible, and if yes, how would I set this up?

Subscribe
Share

Hi!

All documentation from Virtualmin indicates that you can do this in a straight forward fashion - just enabling SSL for each new server within the same IP/Virtualmin install.

However, whenever I actually try to enable a 2nd SSL certificate, I get the primary server to take on the new SSL, which yields a domain mismatch and hence an error.

If you have any clues on how to do it I would greatly appreciate.

Most relevant documentation so far found here: https://www.virtualmin.com/node/19230

Regards


Submit an answer
You can type!ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

This comment has been deleted

One (major) disadvantage of using SNI is the fact that it is not supported by Windows XP.

Although XP is end-of-life it is broadly used (especially in large enterprises) and still has a market share of more than 25%: Wikipedia: OS Market Share

This means if you run a web shop etc. you will kick out one quarter (!) of potential customers…

The only (but little bit more expensive) way to serve all browsers is to use a multi-domain SSL certificate. It allows you to include multiple host names (up to 100) in one single cert: Multi-Domain (SAN) SSL Certificates

If you use a self-signed certificate just for testing or a private box, just add your domain names as SAN (Sunject Alternative Name) when creating your CSR.

Thank you!

Hi,

This can be done with relative ease. The below linked guide is very helpful for apache users attempting to perform the exact task you are doing:

http://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-using-sni.htm