Hi Shelby
Thanks for your how-to, I have used this successfully to get certificates working on my systems.
Howver I want to complicate things and add multiple certificates to my server.
Now I am sure this is not really an issue for the SSL certificate creation, as all I should need to do is change the file names for each independant url that I want to secure.
i.e secure.domain1.com.key/crt and secure.domain2.com.key/crt can be separate files.
The issue arises within SME and the fact that it only wants to recognise the default domain name certificate in apache, or at least it appears to me that this is the case.
Checking out the various templates I think that the following snippet of code creates the SSL configs in the httpd.conf
from the 80Aliases10SSL template
#------------------------------------------------------------
# SSL Stuff
#------------------------------------------------------------
$result .= " # SSL Directives\n";
$result .= "\n";
$result .= " SSLEngine on\n";
my %conf = (modSSL => $modSSL);
my $customCrt = db_get_prop(\%conf, "modSSL", "crt");
my $crt = $customCrt ? $customCrt :
"/home/e-smith/ssl.crt/secure.${DomainName}.crt";
my $customKey = db_get_prop(\%conf, "modSSL", "key");
my $key = $customKey ? $customKey :
"/home/e-smith/ssl.key/secure.${DomainName}.key";
$result .= " SSLCertificateFile $crt\n";
$result .= " SSLCertificateKeyFile $key\n";
$result .= " SetEnvIf User-Agent \".*MSIE.*\" nokeepalive ";
$result .= " ssl-unclean-shutdown ";
$result .= " downgrade-1.0 force-response-1.0\n";
$result .= "\n";
Where it has the ${DomainName} I want to substitute the virtual domain rather than the default domain.
But I cannot figure out what variable I can use to get at this information. (maybe its just the end of a long day )
The end result should be that I can have multiple SSL crt/key files identified by the specific domain that they relate to and avoid the browser prompts for mismatched SSL cert's.
Any thoughts on how this will work, thanks.
cheers
Tony
3 Replies
765 Views