Fog Creek Software
Discussion Board




Is it possible to have two Certificates?

Is it possible to have two certificates on the same apache server?

i.e. I want to have a server call 'http://www.a.com' and allow user to access via  the server name, for example, 'http://server.jpl.nasa.gov'

I use SSL and have a certificate from Thawte.

Can I have two certificates in my apache server? i.e. one for the DNS domain name (i.e. http://www.a.com) and the second one for the server name (i.e. http://server.jpl.nasa.gov')?

The reasons why I would like two certificates is to enable SSL, without browser warnings, whether the user reaches the server by using the DNS URL or the Server URL.

Don Quixote
Tuesday, May 11, 2004

"i.e. I want to have a server call 'http://www.a.com' and allow user to access via  the server name, for example, 'http://server.jpl.nasa.gov'"

My appologies for the second paragraph, listed above, in my original post - it should read:

i.e. I want to have USERS ACCESS THE server VIA DNS 'http://www.a.com' and allow ALSO user to access via  the server name, for example, 'http://server.jpl.nasa.gov'

Thanks for all help :)

Don Quixote
Tuesday, May 11, 2004

"Is it possible to have two certificates on the same apache server?"

The short answer is Yes.  Just think of Virtual Servers.

HOWEVER each certificate requires a unique IP address.  So you will need to have two IP addresses pointing at your server -- one for each domain. 

Almost Anonymous
Tuesday, May 11, 2004

If foo.com and bar.com share an IP as with a virtual host they can not use different certificates. 

Apache must bind to multiple IP Addresses to use multiple certificates. 

christopher baus (www.baus.net)
Tuesday, May 11, 2004

And it's not an Apache limitation so much as it's an HTTPS limitation. You can't use the HOST header to determine what site they want, since the connection needs to be encrypted before you even get the HOST header (which means the server needs to pick one of the certificates without knowing what the actual desired host is).

Brad Wilson (dotnetguy.techieswithcats.com)
Wednesday, May 12, 2004

*  Recent Topics

*  Fog Creek Home