Eckard Wille schrieb:
Cuesta Gilles schrieb:
"*MULTIPLE CN (SAN) SERVER CERTIFICATES*

This type of certificate (also called /Subject Alternative Name/ (SAN) ) enables to secure not only one website but a large number of sites (a list of sites) hosted on a shared infrastructure (server with multiple names, reverse proxy). Ideal to secure multiple brands of a corporation. One certificate per hardware is required."

This only means that one host can have several names by configuring ServerName and ServerAlias, but does not enable virtual hosting.

Hi Cuesta,

with some tricks you could achive your goal by using the preconditions of mod_rewrite rules. If your ssl proxy has one single host entry with such a multi-named cert, it may be possible to rewrite via proxy after a look at the host header:

  RewriteEngine on
  RewriteCond %{HTTP_HOST} www.vhost1.com
  RewriteRule ^/(.*) www.internal.http.vhost1.com/$1 [P]

  RewriteCond %{HTTP_HOST} www.vhost2.com
  RewriteRule ^/(.*) www.internal.http.vhost2.com/$1 [P]

If this works for you depends also on the backend webapps, for example if they are capable of running behind a reverse proxy with a different http schema (HTTP<->HTTPS, servername references in html, internal redirects...).

Good luck

Eckard
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            [EMAIL PROTECTED]

Reply via email to