• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 200
  • Last Modified:

Can I share a wild-card SSL cert *.mydomain.org between two or several website?

I have set up several virtual hosts on a development server. My developer wants me to set up SSL for two of 8 instances. Since I have a *.mydomain.org certificate. Would I set it up to be used between those two instances/websites?

I got the ssl configuration file under /etc/httpd/conf.d/ssl.conf, the related section is as below:

<VirtualHost *:443>

# General setup for the virtual host, inherited from global configuration
    DocumentRoot "/var/www/lac2014/html"

    ServerName devw.mydomain.org:443

    ServerAlias devw 
    <Directory "/var/www/lac2014/html">
      AllowOverride All
    </Directory>

# Use separate log files for the SSL virtual host; note that LogLevel
# is not inherited from httpd.conf.
    ErrorLog logs/ssl_error_log
    TransferLog logs/ssl_access_log
    LogLevel warn

#   SSL Engine Switch:
#   Enable/Disable SSL for this virtual host.
    SSLEngine on

#   SSL Protocol support:
# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
    SSLProtocol all -SSLv2 -SSLv3


#   SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

#   Server Certificate:
# Point SSLCertificateFile at a PEM encoded certificate.  If
# the certificate is encrypted, then you will be prompted for a
# pass phrase.  Note that a kill -HUP will prompt again.  A new
# certificate can be generated using the genkey(1) command.
#SSLCertificateFile /etc/pki/tls/certs/localhost.crt
    SSLCertificateFile /var/www/keys/mydomain.org.crt

Open in new window

0
Jason Yu
Asked:
Jason Yu
  • 2
1 Solution
 
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
Wildcard certs are sold per server and it covers all websites hosted on the server.  If your cert is for *.mydomain.org then it will cover all sites that ends with .mydomain.org.  One thing to note is that it will not work for something like web1.org1.mydomain.org and will work for web1.mydomain.org
0
 
Jason YuAuthor Commented:
got it, I finished it. I created two seperated Virtual hosts and refer to the same key file in the virutal host, it's working now.
0
 
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
I am glad it is working.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Cloud Class® Course: Microsoft Office 2010

This course will introduce you to the interfaces and features of Microsoft Office 2010 Word, Excel, PowerPoint, Outlook, and Access. You will learn about the features that are shared between all products in the Office suite, as well as the new features that are product specific.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now