SSL for a Domain?

    I have a SSL-Certificate for my main domain. But now I want to use another certificat for another domain. Where I can find the right files?


    When I change the conf in apache2/sites-enabled (for the secound domain), I still get the certificate from the main-domain. I'am confused.

    To add another certificate you need a different ip then one used by master domain. (same ip can not be used by more domains for ssl)

    Okay. So I have to change the configs by my own. Thanks for the info.

    Quote

    Okay. So I have to change the configs by my own. Thanks for the info.


    That wasn't the point. The point is that you *can not* use two different certificates under the same IP address, because the certificate is sent to the client BEFORE he specifies which host is he going to request. This is a limitation of the SSL protocol itself, so no amount of configuration (manual or otherwise) will allow you to do that.

    Quote from kilburn


    That wasn't the point. The point is that you *can not* use two different certificates under the same IP address, because the certificate is sent to the client BEFORE he specifies which host is he going to request. This is a limitation of the SSL protocol itself, so no amount of configuration (manual or otherwise) will allow you to do that.


    SNI has been invented for exactly these reasons and is supported by the major browsers/client-side SSL libraries and servers, with the notable exception of IE on Windows XP (Vista or later is working):
    http://en.wikipedia.org/wiki/Server_Name_Indication


    It should be sufficient to put the right SSL* directives into your vhost definition, but you need at least openssl >= 0.9.8j.


    Whether the upcoming i-MSCP SSL support will allow doing that from the web UI, I don't know.

    Hello folks;


    SSL with optional SNI support is on the road and is planned for RC1. It's the hard task for Daniel (sci2tech) for our next release. We talked a lot about it implementation yesterday on IRC.


    Note: SNI support will still optional since like you said: "is supported by the major browsers/client-side SSL libraries and servers, with the notable exception of IE on Windows XP (Vista or later is working)"

    badge.php?id=1239063037&bid=2518&key=1747635596&format=png&z=547451206

    SSH key for online support

    gnuTLS use SNI for that. mod_ssl for apache can do same since version 2.2.8