How to Setup Multiple SSL Certificates in One IP with Apache in CentOS


multiple ssl certificates in one ip with apache

Sometimes, you may have to run multiple websites on same IP, to save server costs and resources. In such cases, it can be tricky to secure them with SSL certificates. Here’s how to setup multiple SSL certificates in one IP with Apache in CentOS.

 

How to Setup Multiple SSL Certificates in One IP with Apache in CentOS

Here are the steps to setup multiple SSL certificates in one IP with Apache in CentOS.

Let’s say you want to set up 2 virtual hosts(www.example1.com and www.example2.com) in your Apache server.

 

1. Open Apache config file

Open Apache config file in a text editor. You will find it at one of the following locations:

  • /etc/apache2/httpd.conf
  • /etc/apache2/apache2.conf
  • /etc/httpd/httpd.conf
  • /etc/httpd/conf/httpd.conf

 


$ sudo vim /etc/apache2/httpd.conf

 

2. Add Virtual Hosts

We will use NameVirtualHost and ServerAlias directive to run both virtual hosts on same ip and port.

Add the NameVirtualHost directive.

Next, add 2 virtual host blocks, one for each virtual host , as shown. They both run on port 443. The key is to use different ServerName and ServerAlias directives and DocumentRoot directive to distinguish between the 2 virtual hosts. You can also use separate ErrorLog locations

 


NameVirtualHost *:443

<VirtualHost *:443>
 ServerName www.example1.com
 DocumentRoot /var/www/example1
 SSLEngine on
 SSLCertificateFile /path/to/certificate.crt
 SSLCertificateKeyFile /path/to/certificate.key
 SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>

<VirtualHost *:443>
 ServerName www.example2.com
 DocumentRoot /var/www/example2
 SSLEngine on
 SSLCertificateFile /path/to/certificate2.crt
 SSLCertificateKeyFile /path/to/certificate2.key
 SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>

 

The key is to specify different ServerName, DocumentRoot and SSL Certificate details for each virtual host. Also use the same port number.

 

If you have a wildcard or multi-domain SSL certificate, use the same certificate details for both virtual hosts.

 


NameVirtualHost *:443

<VirtualHost *:443>
 ServerName www.example1.com
 DocumentRoot /var/www/html/example1
 SSLEngine on
 SSLCertificateFile /path/to/certificate.crt
 SSLCertificateKeyFile /path/to/certificate.key
 SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>

<VirtualHost *:443>
 ServerName www.example2.com
 DocumentRoot /var/www/html/example2
 SSLEngine on
 SSLCertificateFile /path/to/certificate.crt
 SSLCertificateKeyFile /path/to/certificate.key
 SSLCertificateChainFile /path/to/DigiCertCA.crt
</VirtualHost>

 

 

Please Note: If you have setup separate virtual host files for each domain in Apache, then update the <VirtualHost> block in their respective files, with the ones shown above.

 

 

3. Restart Apache web server

Restart Apache web server to apply changes


$ sudo /etc/init.d/apache2 start [Debian or Ubuntu]
# sudo apachectl restart [RHEL, CentOS or Fedora]

 

That’s it! Now both virtual hosts www.example1.com and www.example2.com will serve with SSL from same IP.

 

About Sreeram Sreenivasan

Sreeram Sreenivasan is the Founder of Ubiq, a business dashboard & reporting platform for small & medium businesses. Ubiq makes it easy to build business dashboards & reports for your business. Try it for free today!