Re: sending ssl certificate according to virtual host

[James G Smith <JG...@TAMU.Edu>]

Mathieu Jondet <ma...@jondet.org> wrote:
>hi all,
>    i'm actually working on a system where a user can create domains /
>subdomains throug a webinterface and doesn't have to interact with the
>httpd.conf.
>For this I use a unique virtualhost which intercept all client request
>no matter which vh is requested. After a handler treat the request and
>fetch the
>data where it should be fetch.
>    Everyhing is working fine, but I would like to add SSL support on
>the system. I want to be able to send the SSL certificate and key files
>for the requested virtual host.
>Depending on the vh requested I set the SSLCertificateFile and
>SSLCertificateKeyFile which will point to the correct ssl files for the
>requested vh.
>
>Is there a way for doing this ?
>All input appreciated and I hope my explanatins are clear enough on what
>i want to do.

HTTP rides on top of SSL/TLS.  The SSL connection is established and
certificates exchanged before any HTTP request is sent.  The SSL
certificate must be configured on a per-IP-address basis.  You might
want to look into a certificate for a wildcarded domain (e.g.,
*.mydomain.com) and have that handle all the subdomains.  I think
that's possible, but I'm not positive.  We use fully qualified domain
names ourselves.
-- 
James Smith <JG...@TAMU.Edu>, 979-862-3725
Texas A&M CIS Operating Systems Group, Unix