Fame Burst

Home / general

Set Self Signed Certificate for single VirtualHosts

Carter Sullivan |

I generated a self signed cert for my local development server, following this guide

I set my server IP as "Common Name" value, when asked. I did not set the firewall.

Once made all the other modifications suggested by the guide, I can reach

HERE'S THE PROBLEM

I have some virtual hosts that I want to protect, so I tried to use the same certificate to access my sites in https, but I'm always redirected to the apache root page.

This is my config file

/etc/apache2/sites-enabled/kopakabana.conf

<VirtualHost *:80> SSLEngine on SSLCertificateFile /etc/ssl/certs/apache-selfsigned.crt SSLCertificateKeyFile /etc/ssl/private/apache-selfsigned.key` ....
</VirtualHost>

Where am I wrong?

1 Answer

You seem to be listening to port 80 instead of port 443 in your Virtual Host configuration.

The top line should be:

<VirtualHost *:443>

There might be another issue as well. You mention the following:

I have some virtual hosts that I want to protect, so I tried to use the same certificate to access my sites in https [...]

Yet, you also mention that you are accessing your sites with the server's IP address.

This approach will not work, you cannot have multiple virtual hosts listening on the same host, only one will work.

For example, consider you have the following two virtual hosts:

  • example.conf
  • kopakabana.conf

When you access your server through Apache, it will need to figure out which site it needs to serve. It cannot serve both.

Since you access your site through an IP, Apache will serve the first matched virtual host. In your case, it may be resolving to the default config file.

What you need to do is to actually assign a server name to your virtual hosts. And if you want to run them with the same certificate, you can create them as subdomains and assign them a wildcard certificate.

For example, consider the following virtual hosts:

  • example.conf

    <VirtualHost *:443> ServerName example.mymachine.local # [...]
</VirtualHost>

  • kopakabana.conf

    <VirtualHost *:443> ServerName kopakabana.mymachine.local # [...]
</VirtualHost>

In this case, you would create a certificate for *.mymachine.local and use it on both of them.

Next, just edit the /etc/hosts file on your own machine and append the following to it so your browser can resolve the domain properly.

192.168.1.202 example.mymachine.local
192.168.1.202 kopakabana.mymachine.local

Finally, instead of accessing , you would access or .

1

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password

Post as a guest

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy

You Might Also Like