Multiple SSL certificates on CentOS/Apache

Support for security such as Firewalls and securing linux
Post Reply
maseer
Posts: 5
Joined: 2014/10/09 00:43:24

Multiple SSL certificates on CentOS/Apache

Post by maseer » 2015/11/04 02:44:52

Hi Team,

I am using CentOS 6.5 on Apache.
When configured to SSL to have multiple Virtual host with the SSL certificate throws following error when restarting Apache.

root@tst ~]# sudo service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [Wed Nov 04 12:23:46 2015] [warn] _default_ VirtualHost overlap on port 443, the first has precedence.

SSL Config as below and we have only 1 IP for this server and separate set of certificates each host.

<VirtualHost *:443>
ServerName xxx.xxxx.xxx.xx
.......
</VirtualHost>

<VirtualHost *:443>
ServerName yyy.yyyy.yyy.yy
.......
</VirtualHost>

Please can you help me to find the issue.

Thanks,
Maz
Top
aks
Posts: 3073
Joined: 2014/09/20 11:22:14

Re: Multiple SSL certificates on CentOS/Apache

Post by aks » 2015/11/04 18:01:49

I guessing .. don't use the port as the differentiator (is that a word?) for the virtual hosts, use something else (like the URL).
Top
User avatar
TrevorH
Site Admin
Posts: 33215
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Multiple SSL certificates on CentOS/Apache

Post by TrevorH » 2015/11/04 18:44:32

If you are doing SSL then either you need a separate IP address for each different site that requires a different certificate or you need to use SNI.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Top
Post Reply

Return to “CentOS 6 - Security Support”