configurando vários certificados ssl no mesmo servidor / ip nos CENTOs com o apache 2.2

2

Estou usando esta referência para configurar vários Ceritificados ssl no mesmo ip no CENTOS 6.3 com o apache 2.2

<VirtualHost *:443>

        ServerAdmin webmaster@localhost
        ServerName www.domain1.org
        ServerAlias domain1.org
        DocumentRoot /var/www/vhosts/domain1.org/

        #   SSL Engine Switch:                                                                                                                                                                                                   
        #   Enable/Disable SSL for this virtual host.                                                                                                                                                                            
        SSLEngine on

        #   A self-signed (snakeoil) certificate can be created by installing                                                                                                                                                    
        #   the ssl-cert package. See                                                                                                                                                                                            
        #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.                                                                                                                                                      
        #   If both key and certificate are stored in the same file, only the                                                                                                                                                    
        #   SSLCertificateFile directive is needed.                                                                                                                                                                              
        SSLCertificateFile  /home/tmp/ssl/domain1.crt
        SSLCertificateKeyFile /home/tmp/ssl/domain1.key

</VirtualHost>
<VirtualHost *:443>

        ServerAdmin webmaster@localhost
        ServerName www.domain2.org
        ServerAlias domain2.org
        DocumentRoot /var/www/vhosts/domain2.org/

        #   SSL Engine Switch:                                                                                                                                                                                                   
        #   Enable/Disable SSL for this virtual host.                                                                                                                                                                            
        SSLEngine on

        #   A self-signed (snakeoil) certificate can be created by installing                                                                                                                                                    
        #   the ssl-cert package. See                                                                                                                                                                                            
        #   /usr/share/doc/apache2.2-common/README.Debian.gz for more info.                                                                                                                                                      
        #   If both key and certificate are stored in the same file, only the                                                                                                                                                    
        #   SSLCertificateFile directive is needed.                                                                                                                                                                              
        SSLCertificateFile  /home/tmp/ssl/domain2.crt
        SSLCertificateKeyFile /home/tmp/ssl/domain2.key

</VirtualHost>

No início, recebo o seguinte aviso:

[warn] _default_ VirtualHost overlap on port 443, the first has precedence

quando visito os diferentes sites, ele sempre me mostra o primeiro certificado. o que há de errado?

    
por user12145 19.07.2014 / 23:20

1 resposta

2

Você precisa ativar a habilidade SNI. Ative com em ports.conf:

NameVirtualHost *:443
    
por 19.07.2014 / 23:24