SNI: multiple certs for same vhost?

Discussion in 'Feedback/Feature Requests' started by andreas, May 10, 2011.

  1. andreas

    andreas New Member

    Hi,

    is it possible to use different certificates for the domains of one VHost? The certificates seem to be tied to the VHost, not to the domain-vhost mapping (which would make more sense, IMO).

    Thanks
    Andreas
  2. webizen

    webizen New Member

    nope. tying certificate to vhost is by design. you can have multiple vhosts share the same config (e.g. docroot, etc) and map these vhosts (domain name matching with certificate CN) to the same listener.
  3. webizen

    webizen New Member

    Moved the thread to Feature Requests subforum. there is no ETA at this point as it requires big code change.
  4. bmcclure

    bmcclure New Member

    Gosh I would love to see this feature. It's pretty much the biggest thing I'm missing using LiteSpeed vs Apache. I don't want to use a ton of IPs, and a SubjetAltName certificate is too expensive for me...

    This feature has my vote!

    Ben
  5. mistwang

    mistwang LiteSpeed Staff

    It has been implemented a while ago, please check change log.
  6. bmcclure

    bmcclure New Member

    Oh, hey, thanks, that's great news! I'll look back through the changelogs and see if I can figure out how to get it working.

    Thanks again,

    Ben
  7. bmcclure

    bmcclure New Member

    Actually, I'm still where I was stuck before--are there instructions for how to utilize the SNI functionality in LiteSpeed?

    I see you can specify a different SSL cert for each VirtualHost, however, whenever I try to create a listener for SSL it wants me to put the cert information in at the listener level--how can I utilize a different SSL certificate for each VirtualHost running on a particular shared IP?

    Thanks!

    Ben
  8. mistwang

    mistwang LiteSpeed Staff

    SSL cert associating with listener is the default, will switch to vhost ssl cert if configured.

Share This Page