Nerdy Drunk

Drunk on technology

User Tools

Site Tools


linux:apache-sni

Apache Server Name Indication (SNI)

This following are Apache configuration examples on how to implement SNI or domain name based virtual hosting. The following examples also include unique SSL certificates for each domain name.

The two main requirements are;

  • NameVirtualHost enabled in the main Apache httpd.conf file.
  • Unique ServerName for each site domain name each in their own VirtualHost section.

Apache General Config

[root@SERVER ~]# cat /etc/httpd/conf/httpd.conf
NameVirtualHost *:80
NameVirtualHost *:443

SITE1.COM Config

[root@SERVER ~]# cat /etc/httpd/conf.d/SITE1.COM.conf
<VirtualHost *:80>
    ServerAdmin [email protected]
    DocumentRoot /var/www/SITE1.COM
    ServerName SITE1.COM
    ServerAlias www.SITE1.COM
    ErrorLog logs/SITE1.COM-error_log
    TransferLog logs/SITE1.COM-access_log
    CustomLog logs/SITE1.COM-custom_log common
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin [email protected]
    DocumentRoot /var/www/SITE1.COM
    ServerName SITE1.COM
    ServerAlias www.SITE1.COM
    ErrorLog logs/SITE1.COM-ssl_error_log
    TransferLog logs/SITE1.COM-ssl_access_log
    CustomLog logs/SITE1.COM-ssl_custom_log common

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/WWW.SITE1.COM.crt
SSLCertificateKeyFile /etc/pki/tls/private/WWW.SITE1.COM.key
SSLCertificateChainFile /etc/pki/tls/certs/CA-ROOT.crt
#
# Rest of SSL config
#
</VirtualHost>

DEMO.SITE2.COM Config

[root@SERVER ~]# cat /etc/httpd/conf.d/DEMO.SITE2.COM.conf
<VirtualHost *:80>
    Redirect 301 / https://DEMO.SITE2.COM/
    ServerAdmin [email protected]
    DocumentRoot /var/www/DEMO.SITE2.COM
    ServerName DEMO.SITE2.COM
    ErrorLog logs/DEMO.SITE2.COM-error_log
    TransferLog logs/DEMO.SITE2.COM-access_log
    CustomLog logs/DEMO.SITE2.COM-custom_log common
</VirtualHost>

<VirtualHost *:443>
    ServerAdmin [email protected]
    DocumentRoot /var/www/DEMO.SITE2.COM
    ServerName DEMO.SITE2.COM
    ErrorLog logs/DEMO.SITE2.COM-ssl_error_log
    TransferLog logs/DEMO.SITE2.COM-ssl_access_log
    CustomLog logs/DEMO.SITE2.COM-ssl_custom_log common

SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/DEMO.SITE2.COM.crt
SSLCertificateKeyFile /etc/pki/tls/private/DEMO.SITE2.COM.key
SSLCertificateChainFile /etc/pki/tls/certs/CA-ROOT.crt
#
# Rest of SSL config
#
</VirtualHost>

[root@SERVER ~]#
linux/apache-sni.txt · Last modified: 2022/07/21 10:41 by 127.0.0.1