Apache on linux with two real certificates (.com and .co.uk)

Posted on

Apache on linux with two real certificates (.com and .co.uk) – Managing your servers can streamline the performance of your team by allowing them to complete complex tasks faster. Plus, it can enable them to detect problems early on before they get out of hand and compromise your business. As a result, the risk of experiencing operational setbacks is drastically lower.

But the only way to make the most of your server management is to perform it correctly. And to help you do so, this article will share nine tips on improving your server management and fix some problem about , , , , .

I can only configure one. when I try to configure the other I get httpd error with bad syntax.
any one know how to configure 2 certificates in apache?
this is what I have:

# ssl

LoadModule ssl_module modules/mod_ssl.so
Listen 443

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

SSLPassPhraseDialog builtin

SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300

SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin

SSLCryptoDevice builtin

<VirtualHost *:443>
ServerName company ip address
ServerAlias *.company wild card certificate
DocumentRoot /live/html

ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn

RewriteEngine on
RewriteOptions Inherit

SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

### SSLCertificateFile /etc/httpd/pki/company.co.uk.crt
### SSLCertificateKeyFile /etc/httpd/pki/server.key
### SSLCACertificateFile /etc/httpd/pki/intermediate.crt

SSLCertificateFile /etc/httpd/pki/USA/server.crt
SSLCertificateKeyFile /etc/httpd/pki/USA/server.key
SSLCACertificateFile /etc/httpd/pki/USA/intermediate.crt

<Files ~ ".(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>

SetEnvIf User-Agent ".*MSIE.*"
nokeepalive ssl-unclean-shutdown
downgrade-1.0 force-response-1.0

CustomLog logs/ssl_request_log
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x "%r"" %b""

Solution :

Leave a Reply

Your email address will not be published. Required fields are marked *