Topic: Custom SSL Certificates

[darren]

What i am tring to do is use seperate ssl certificates for each virtual domain.

I have been looking at this file
/etc/e-smith/templates/etc/httpd/conf/http/conf/VirtualHosts/225SSLDirectives
and it appears all i need to do is set $SSLstatus to enabled and i can't find where it is initially setup (ie disabled).can anyone tell me where to look.

cheers darren
p.s a copy of the file is below.

my $SSLstatus = db_get_prop($confref, 'modSSL', 'status') || 'disabled';

    if ($SSLstatus eq 'enabled')
    {
        #------------------------------------------------------------
        # SSL Stuff
        #------------------------------------------------------------

        my $customCrt = db_get_prop($confref, "modSSL", "crt");
        my $crt = $customCrt ? $customCrt :
                "/home/e-smith/ssl.crt/secure.${DomainName}.crt";
        my $customKey = db_get_prop($confref, "modSSL", "key");
        my $key = $customKey ? $customKey :
                "/home/e-smith/ssl.key/secure.${DomainName}.key";

        $OUT .= <    # SSL Directives

    SSLEngine on
    SSLCertificateFile $crt
    SSLCertificateKeyFile $key
    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1$

SSL_END
    }
}

[Jon Blakely]

Darren,

Check /home/e-smith/configuration

modSSL=service|status|enabled

Jon

[darren]

ok i have figured out that if i change the DomainName to virtualHost it points to the correct files.
now how can i change the template to check if the file exists

[Charlie Brady]

darren wrote:
 
> What i am tring to do is use seperate ssl certificates for
> each virtual domain.

You are wasting your time. It can't be done. The client doesn't tell the server which virtual domain it wants until after the certificate has already been used to set up SSL.

Charlie

[darren]

i have already figured out how to make it select the correct ssl certificate depending on the website what i need to do is find out if there is a template command to check if the file exists

[Jeff Coleman]

Darren,

If you get this working pls post a howto.  This is an important issue for multi-domain hosting.

-jeff

[Charlie Brady]

darren wrote:

> i have already figured out how to make it select the correct
> ssl certificate depending on the website

If you've managed to do that without using separate IP addresses or separate ports for each virtual domain, then I'd really like to know your secret. All the information I have says this is impossible.

Regards

Charlie

[Tom Carroll]

Darren, this has just come up for me.  Is there a way to get it to work?

[darren]

Charlie Brady:
>You are wasting your time. It can't be done. The client doesn't tell the server >which virtual domain it wants until after the certificate has already been used to >set up SSL.


This is correct..