Nerdy Drunk

Drunk on technology

User Tools

Site Tools

You are here: start » linux » apache-sni

Sidebar

Topics

Topic Search


Home Lab
About Me


Twitter @taingalls


Subject Matter Expert Specialty Advanced Networking Specialty Security Specialty Data Analytics Specialty Machine Learning Specialty Database Specialty SAP on AWS Specialty Solutions Architect Professional DevOps Engineer Professional SysOps Administrator Associate Solutions Architect Associate Developer Associate Cloud Practitioner

Mastodon twit.social/@taingalls
linux:apache-sni

Table of Contents

Apache Server Name Indication (SNI)

,

This following are Apache configuration examples on how to implement SNI or domain name based virtual hosting. The following examples also include unique SSL certificates for each domain name.

The two main requirements are;

  • NameVirtualHost enabled in the main Apache httpd.conf file.
  • Unique ServerName for each site domain name each in their own VirtualHost section.

Apache General Config

[root@SERVER ~]# cat /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
NameVirtualHost *:443

SITE1.COM Config

[root@SERVER ~]# cat /etc/httpd/conf.d/SITE1.COM.conf
<VirtualHost *:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/SITE1.COM
    ServerName SITE1.COM
    ServerAlias www.SITE1.COM
    ErrorLog logs/SITE1.COM-error_log
    TransferLog logs/SITE1.COM-access_log
    CustomLog logs/SITE1.COM-custom_log common
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin [email protected]
    DocumentRoot /var/www/SITE1.COM
    ServerName SITE1.COM
    ServerAlias www.SITE1.COM
    ErrorLog logs/SITE1.COM-ssl_error_log
    TransferLog logs/SITE1.COM-ssl_access_log
    CustomLog logs/SITE1.COM-ssl_custom_log common

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/WWW.SITE1.COM.crt
SSLCertificateKeyFile /etc/pki/tls/private/WWW.SITE1.COM.key
SSLCertificateChainFile /etc/pki/tls/certs/CA-ROOT.crt
#
# Rest of SSL config
#
</VirtualHost>

DEMO.SITE2.COM Config

[root@SERVER ~]# cat /etc/httpd/conf.d/DEMO.SITE2.COM.conf
<VirtualHost *:80>
    Redirect 301 / https://DEMO.SITE2.COM/
    ServerAdmin [email protected]
    DocumentRoot /var/www/DEMO.SITE2.COM
    ServerName DEMO.SITE2.COM
    ErrorLog logs/DEMO.SITE2.COM-error_log
    TransferLog logs/DEMO.SITE2.COM-access_log
    CustomLog logs/DEMO.SITE2.COM-custom_log common
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin [email protected]
    DocumentRoot /var/www/DEMO.SITE2.COM
    ServerName DEMO.SITE2.COM
    ErrorLog logs/DEMO.SITE2.COM-ssl_error_log
    TransferLog logs/DEMO.SITE2.COM-ssl_access_log
    CustomLog logs/DEMO.SITE2.COM-ssl_custom_log common

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/DEMO.SITE2.COM.crt
SSLCertificateKeyFile /etc/pki/tls/private/DEMO.SITE2.COM.key
SSLCertificateChainFile /etc/pki/tls/certs/CA-ROOT.crt
#
# Rest of SSL config
#
</VirtualHost>

[root@SERVER ~]#
linux/apache-sni.txt · Last modified: by 127.0.0.1

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki