How to configure SSL for my VirtualHosts on Apache 2

Posted on 2004-11-01
Last Modified: 2012-05-05
Can someone plz help with some examples of an httpd.conf file of how to configure SSl support for a) entire VirtualHost folder, and b) only certain sub-folder of a VirualHost. I also need help to create the certificates etc (self signed).

Question by:psimation
    LVL 6

    Accepted Solution

    You can not configure SSL support for virtual hosts unless each virtual host has its own IP.  
    The reason?  Because the handshaking for SSL happens before Apache ever finds out which host is being requested, so you'd not be able to associate a certificate with a given host.
    LVL 17

    Author Comment

    Would it then be possible to use only one domain, the FQDN of the server? IE, if one of my virtualhosts needs secure folder, I just point it to a subfolder of the "top" domain?  
    LVL 6

    Expert Comment

    Yes.   You can have virtual hosts and SSL on the same box, just ensure that your default host is the one configured for SSL and use that.
    LVL 17

    Author Comment

    Well, that's sort of why I asked the question... Can you give me examples of how to configure it?
    LVL 6

    Expert Comment

    A complete guide to configuring Apache and SSL can be found at:

    Look in the upper right-hand corner of the screen and you'll see the guide available.  Don't be put off by the fact that it mentions Thawte, the configuration is the same for whichever  certificate you choose.

    The file you'll need to configure is:   /etc/httpd/conf.d/ssl.conf

    The default virtual host is the first one in your httpd.conf file.

    If you have specific questions after checking that guide then be sure to post away!
    LVL 1

    Assisted Solution

    > You can not configure SSL support for virtual hosts unless each virtual host has its own IP.
    This statement is incorrect.  I use Apache (for WinNT) and I am using SSL on more than one NameVirtualHost.  It works perfectly fine.  I even have a standard HTTP in addition to the SSL-enabled HTTPS, with a couple of HTTP redirecting to the HTTPS of the same name.

    If I had access to my server system right now, to post some .conf snippets, I would.  Unfortunately, I'm at work, on my break, and my server is currently offline ATM. :-P

    But, it is absolutely possible to do...  Read the documentation at the links provided by everyone else, and you should be fine.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Why You Should Analyze Threat Actor TTPs

    After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

    Network Interface Card (NIC) bonding, also known as link aggregation, NIC teaming and trunking, is an important concept to understand and implement in any environment where high availability is of concern. Using this feature, a server administrator …
    Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
    Learn how to find files with the shell using the find and locate commands. Use locate to find a needle in a haystack.: With locate, check if the file still exists.: Use find to get the actual location of the file.:
    Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

    856 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now