Estou usando o Apache e tenho dois domínios para os quais criei hosts virtuais e instalei certificados SSL. No entanto, apenas um domínio funciona e o outro apenas redireciona para esse domínio. Eu acho que isso é porque o site um é o site principal e eu preciso de um endereço IP separado para cada domínio ao usar SSL?
Eu li alguns artigos que dizem que você pode usar vários certificados SSL com um IP fazendo o seguinte em seu host virtual
<VirtualHost *:443>
Eu tentei isso, mas não funciona para mim. Também muitos artigos mencionam o SNI, mas não tenho 100% de certeza do que isso significa. Alguém poderia lançar alguma luz sobre isso e me apontar na direção certa?
É assim que meus hosts virtuais se parecem
Site 1
<VirtualHost *:80>
# Admin email, Server Name (domain name), and any aliases
ServerAdmin [email protected]
ServerName domain.com
ServerAlias www.domain.com
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.php
DocumentRoot /var/www/html/domain.com/public_html
Redirect permanent / https://www.domain.com
<Directory "/var/www/html/domain.com/public_html">
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
# Log file locations
LogLevel warn
#ErrorLog /var/www/html/domain.com/log/error.log
#CustomLog /var/www/html/domain.com/log/access.log combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName domain.com
ServerAlias www.domain.com
DocumentRoot /var/www/html/domain.com/public_html
<Directory "/var/www/html/domain.com/public_html">
#Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/apache2/ssl/www_domain_com/www_domain_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/www_domain_com/server.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
SSLCertificateChainFile /etc/apache2/ssl/www_domain_com/www_domain_com.ca-bundle
#...
</VirtualHost>
</IfModule>
Site 2
<VirtualHost *:80>
# Admin email, Server Name (domain name), and any aliases
ServerAdmin [email protected]
ServerName domain2.com
ServerAlias www.domain2.com
# Index file and Document Root (where the public files are located)
DirectoryIndex index.php index.html
DocumentRoot /var/www/html/domain2.com/public_html/public
# Redirect permanent / https://www.domain2.com
# Log file locations
LogLevel warn
ErrorLog /var/www/html/domain2.com/log/error.log
CustomLog /var/www/html/domain2.com/log/access.log combined
SetEnv CI_ENV production
SetEnv CI_BASE_URL http://www.domain2.com/
<Directory "/var/www/html/domain2.com/public_html/public">
AuthType Basic
AuthName "Restricted Content"
AuthUserFile /var/www/html/domain2.com/public_html/public/.htpasswd
Require valid-user
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerName domain2.com
ServerAlias www.domain2.com
DocumentRoot /var/www/html/domain2.com/public_html/public
<Directory "/var/www/html/domain2.com/public_html/public">
#Options Indexes FollowSymLinks MultiViews
Options FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined
Alias /doc/ "/usr/share/doc/"
<Directory "/usr/share/doc/">
Options Indexes MultiViews FollowSymLinks
AllowOverride None
Order deny,allow
Deny from all
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/apache2/ssl/www_domain2_com/www_domain2_com.crt
SSLCertificateKeyFile /etc/apache2/ssl/www_domain2_com/server.key
# Server Certificate Chain:
# Point SSLCertificateChainFile at a file containing the
# concatenation of PEM encoded CA certificates which form the
# certificate chain for the server certificate. Alternatively
# the referenced file can be the same as SSLCertificateFile
# when the CA certificates are directly appended to the server
# certificate for convinience.
SSLCertificateChainFile /etc/apache2/ssl/www_domain2_com/www_domain2_com.ca-bundle
#...
</VirtualHost>
</IfModule>