Forum
Question regards SSL certificates
Kai
9 July 2012, 19:21
Hi folks,
I found an old post from 2010 about this, but I'm not quite sure, if there are any changes in version 8 now, so please apologize to ask the following question:
I have two virtual hosts configured on my hiawatha abc.com and xyz.com. abc.com is already working with an SSL binding and no problem with this. However, I would like to change the domain xyz.com to SSL, too, but have to register a different SSL certificate for this virtual host, but I can configure only one SSLcertFile per binding (assuming, both virtual hosts should be reachable via port 443).
Question: Can i register to different X.509 certificates on one file or isn't this possible ?? If so, which order do I have to follow ??
If it's not possible, I have to find a workaround, but before I'll follow this path, I want to make sure, I haven't missed any option.
Many tx for your help.
Cheers
Kai
- - -
Hiawatha version: 7.6
Operating System: CentOS 5.6
I found an old post from 2010 about this, but I'm not quite sure, if there are any changes in version 8 now, so please apologize to ask the following question:
I have two virtual hosts configured on my hiawatha abc.com and xyz.com. abc.com is already working with an SSL binding and no problem with this. However, I would like to change the domain xyz.com to SSL, too, but have to register a different SSL certificate for this virtual host, but I can configure only one SSLcertFile per binding (assuming, both virtual hosts should be reachable via port 443).
Question: Can i register to different X.509 certificates on one file or isn't this possible ?? If so, which order do I have to follow ??
If it's not possible, I have to find a workaround, but before I'll follow this path, I want to make sure, I haven't missed any option.
Many tx for your help.
Cheers
Kai
- - -
Hiawatha version: 7.6
Operating System: CentOS 5.6
Hugo Leisink
9 July 2012, 19:42
This is not yet possible. When Hiawatha used OpenSSL, I couldn't get it working due to the incomplete and horrible documentation. With Hiawatha 8, I switched to PolarSSL, which is very well documented. However, PolarSSL doesn't support SNI [en.wikipedia.org] (which is what you are looking for). I asked the PolarSSL developer for SNI support and he promised me to build in SNI support in the next PolarSSL release (version 1.2). Soon after that, Hiawatha will have SNI support as well.
You could also ask the PolarSSL developer for SNI support. It could help to get it sooner
You could also ask the PolarSSL developer for SNI support. It could help to get it sooner
This topic has been closed.
Copyright © by Hugo Leisink. All rights reserved.
Built upon the Banshee PHP framework.
Built upon the Banshee PHP framework.
