Hosting multiple SSL domains

[Nitin Bansal <ni...@gmail.com>]

Hi,

I am working on a setup to host multiple (~ 100s) sites using apache with
SSL support.

I looked up and found it is possible to achieve this with server name
indication SNI extension of TLS as explained here
<https://www.digicert.com/ssl-support/apache-multiple-ssl-certificates-using-sni.htm>.
Following this, i think i can configure apache to host all these domains
but the real problem here is that in my case the list of domains is
dynamically growing. So If i have to add a new site then i will have to put
a new configuration file and do a apache reload on all the servers which
could be an issue as reload does a graceful restart of all the running
child processes. Also, i think there will be some limitation on number of
VirtualHost directive we can have or it will start effecting the
performance. (not sure though)

On further research, I found out mod_vhost_dbd module which reads
DocumentRoot from a database table using request parameters like hostname
and sets the new root in connection config [code
<https://github.com/joneschrisan/dbd-modules/blob/master/mod_vhost_dbd.c>].
On similar pattern, i was thinking if it is possible to read SSL
configuration parameters like CertificateFile, CertificateKeyFile etc from
a database table.

Any thoughts/ comments on this or if you know some other way of achieving
this? Thanks in advance.

Regards,