Koozali.org: home of the SME Server

Obsolete Releases => SME Server 8.x => Topic started by: leonardocruz on November 18, 2014, 12:13:20 AM

Title: Multiple domains each with its separate certificate (domain1.crt, domain2.crt .)
Post by: leonardocruz on November 18, 2014, 12:13:20 AM

Hi guy's

I have several domains installed on a SME version 8.1,  i have purchased certificates cheaper for them but now installed, only the last one seems to recognize not installed and each with its defined domain.

found a similar case but I see no solution and finally a link pointing to a site or a topic that no longer exists!

can someone help?

thanks in advance

Title: Re: Multiple domains each with its separate certificate (domain1.crt, domain2.crt .)
Post by: janet on November 18, 2014, 02:18:56 AM

leonardocruz

You need to create the certificate with all hosted domains on the one certificate.
You cannot just add new certificates for each domain you add, you have to recreate the one main certificate to include existing & new domains & reinstall the new certificate.

That is a limitation or issue with SME server.

There are Howtos about Certificates so click the Howto link at top of Forum & start reading, there may be some useful tips there.

Title: Re: Multiple domains each with its separate certificate (domain1.crt, domain2.crt .)
Post by: leonardocruz on November 18, 2014, 03:26:57 PM

Is possible use this procedure with SME server?

https://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-using-sni.htm

If possible could someone tell me the steps, I know this will serve someone else at some point and agradecere help as I am new is this.

Title: Re: Multiple domains each with its separate certificate (domain1.crt, domain2.crt .)
Post by: Stefano on November 18, 2014, 03:47:23 PM

it could be achieved IMVHO with custom fragments

you need to study the templating system that rules SME, make some tests and report here..

in the meanwhile, you should/could open a NFR in bugzilla (please, before creating a new one, search bugzilla to check that the same NFR doesn't exist)

thank you

Title: Re: Multiple domains each with its separate certificate (domain1.crt, domain2.crt .)
Post by: Jean-Philippe Pialasse on November 25, 2014, 06:20:11 PM

Bug open for NFR:
http://bugs.contribs.org/show_bug.cgi?id=8693

Title: Re: Multiple domains each with its separate certificate (domain1.crt, domain2.crt .)
Post by: janet on November 25, 2014, 07:19:19 PM

From bug number 8185, quoting Charlie Brady:

That's not possible, because of the way that SSL and HTTPS work. The certificate is used to setup SSL encryption before the client browser sends the URL which is being requested.

Title: Re: Multiple domains each with its separate certificate (domain1.crt, domain2.crt .)
Post by: Daniel B. on November 25, 2014, 08:06:20 PM

It is possible by using sni, but we need to evaluate the required amount of work

Title: Re: Multiple domains each with its separate certificate (domain1.crt, domain2.crt .)
Post by: Xavier.A on November 27, 2014, 12:44:01 AM

Well, it's time, i'm agree with Daniel  :lol:

But may be you should explain what SNI is, I'm not sure that every body here have read the Apache documentation for SSL with virtualhost (https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI (https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI))

an example of custom template :http://forums.contribs.org/index.php/topic,50665.msg255758.html#msg255758 (http://forums.contribs.org/index.php/topic,50665.msg255758.html#msg255758)

 :lol: