Self-signed SSL with multiple domain names.

  • PolishHurricane
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 1585

Post 3+ Months Ago

Hello I have an Apache server with SSL on it. Currently it uses a self-signed certificate which I have no problem with for now as it's not used for business purposes. The problem is that I have multiple domain names that point to my host and apparently it makes the SSL certificate invalid because the domain name doesn't match the certificate name if they use an alternative domain name.

So I'm wondering, is it possible to dynamically serve different self-signed certificates to match whatever HTTP host was requested when the browser finds my server?

If that didn't work I was then wondering if I could use PHP to dynamically create self-signed SSL certificates and I have a class for it, but I'm not sure how that works exactly. If I did that would I have to remove the openSSL from apache then use openSSL only on the PHP and somehow spit out a cert depending on whatever the $_SERVER['HTTP_HOST'] is?
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4924
  • Loc: NY

Post 3+ Months Ago

http://www.dyndns.com/services/sslcert/ ... l#wildcard

Read Wildcard Certificates Defined. Is that what you want?
  • PolishHurricane
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 1585

Post 3+ Months Ago

Nope that is not what I mean. I apologize for not giving an example. I have domains like this...

domainname.com
domainname.net
domainname.org

That point to the same server, same exact name, just different extensions.
  • Bozebo
  • Expert
  • Expert
  • User avatar
  • Posts: 709
  • Loc: 404

Post 3+ Months Ago

I havn't used ssl before, and I am having trouble finding a proper tutorial on google about how to make your own self signed one. However, if the certificate is stored in a text file, or at any point before being sent to the client it can be accessed by php. Then you could use $_SERVER['HTTP_HOST'] and some form of conditional statement to edit the domain in the certificate and then use apache's rewrite engine to rename the file (because it would be .php), I'm not sure if this helped you at all.
  • PolishHurricane
  • Mastermind
  • Mastermind
  • User avatar
  • Posts: 1585

Post 3+ Months Ago

The problem is even if you dynamically create the certificate using PHPs SSL functions (and doing that for me is probably no problem), you need to find a way so apache doesn't overwrite it with the SSL in it's configuration. That's what I don't understand, if I did it with PHP would apache do what it wants anyway? Or do you separately install OpenSSL With PHP and not apache and have PHP serve?

Man I wish I could help you with your certificate stuff, I lost most of my SSL bookmarks in the Great FireFox 3 Beta Test of '08. Here is something: http://raibledesigns.com/wiki/Wiki.jsp?page=ApacheSSL I had a really hard time myself trying to figure it out, still don't get it, but it's installed and working :)

I downloaded an apache server with SSL already on it.

Post Information

  • Total Posts in this topic: 5 posts
  • Users browsing this forum: No registered users and 88 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.