Multiple SSL websites with differtent certificates on one droplet (LAMP setup)

Posted July 7, 2014 8.1k views

I was searching for multiple IPs connected to one droplet to enable SSL but then read that this would not be nessecary and that there would be coming a guide on how to setup SSL for multiple domains on one droplet.

I have an apache webserver, also virtualmin installed. I would like to have SSL (different certificates) for 2 virtual servers on this droplet.

Is this possible, and if yes, how would I set this up?

1 comment
  • Hi!

    All documentation from Virtualmin indicates that you can do this in a straight forward fashion - just enabling SSL for each new server within the same IP/Virtualmin install.

    However, whenever I actually try to enable a 2nd SSL certificate, I get the primary server to take on the new SSL, which yields a domain mismatch and hence an error.

    If you have any clues on how to do it I would greatly appreciate.

    Most relevant documentation so far found here:


These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
4 answers


This can be done with relative ease. The below linked guide is very helpful for apache users attempting to perform the exact task you are doing:

One (major) disadvantage of using SNI is the fact that it is not supported by Windows XP.

Although XP is end-of-life it is broadly used (especially in large enterprises) and still has a market share of more than 25%: Wikipedia: OS Market Share

This means if you run a web shop etc. you will kick out one quarter (!) of potential customers…

The only (but little bit more expensive) way to serve all browsers is to use a multi-domain SSL certificate. It allows you to include multiple host names (up to 100) in one single cert: Multi-Domain (SAN) SSL Certificates

If you use a self-signed certificate just for testing or a private box, just add your domain names as SAN (Sunject Alternative Name) when creating your CSR.