Issue with multisite install and separate SSL certificates

  • jmarquand

    (@jmarquand)


    12 years, 7 months ago

    We have an install of a multi-site with a the domain mapping module. How can this be utilized to allow multiple SSL certificates for the differing sites? We currently have the standard setup for SSL in Apache, where each site name is assigned an IP and SSL certificate. The sites have their own configs in Apache 2.2, one for SSL and one for non SSL.

    The issue we are having is that the same cert is presented regardless of the domain name that is being requested. In non SSL calls they work appropriately. The correct name is returned and all functions as anticipated. In the SSL environment the correct name is served and the certificate for the primary domain is returned.

    My question is how to serve this appropriately in Apache 2 using the multi-site install of WordPress.

Viewing 2 replies - 1 through 2 (of 2 total)
  • ce_kevinw

    (@ce_kevinw)

    12 years, 7 months ago

    Hi jmarquand,

    I would recommend looking at the differences between a set of virtual hosts that are not working.

    For example, find the virtual hosts in the apache config file for one specific site (ssl and no ssl), and then find what is different between them. Do they both show the same IP address but different port settings?

    If you can post some of the details, I’d be happy to review.

    Moderator Ipstenu (Mika Epstein)

    (@ipstenu)

    🏳️‍🌈 Advisor and Activist

    12 years, 7 months ago

    This JUST came up on WP Hackers: http://lists.automattic.com/mailman/listinfo/wp-hackers

    Each SSL certificate requires a unique IP address because an SSL connection is negotiated before the request is read.

    Now, as for workarounds. Apache after 2.2.12 supports SNI (Server Name Indication) which allows for multiple SSL certs per IP. You can also create/purchase a certificate with each domain and wildcard for the domain (example.com *.example.com example2.com *.example2.com), and this way you would always serve the valid certificate.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Issue with multisite install and separate SSL certificates’ is closed to new replies.