Multiple SSL-enabled websites, single IP

Linode Staff

Hi, is there any special configuration required for hosting multiple SSL-enabled websites on a single IP using SNI?

I tried to set up two virtual hosts, example.com and example2.com, on a single IP.

The first one works, but the second gives an ERR_CERT_COMMON_NAME_INVALID error and seems to be loading the first site's SSL certificate.

3 Replies

You are able to use multiple SSL certificates. Some configuration is required for Apache or Nginx to handle the multiple certificates properly.

ERR_CERT_COMMON_NAME_INVALID is caused by a mismatch between the domain that your site is using and the domain that the certificate is issued for. If you have already created an SSL certificate for your domain example.com, then you need to ensure that the virtual host for example2.com is pointing to the correct certificate file and certificate key on your Linode.

If you have only installed one certificate for example.com, here is our guide for installing SSL certificates:

https://www.linode.com/docs/security/ssl/install-lets-encrypt-to-create-ssl-certificates/

Once you have both certificates installed with individual certificate files and keys, you'll need to edit your virtual host directory to ensure that the following block is included for both domains so their individual files and keys are used:

For Apache-

<VirtualHost *:443>
   ServerName www.example2.com
   DocumentRoot /var/www/example2
   SSLEngine on
   SSLCertificateFile /path/to/www_example2_com.crt
   SSLCertificateKeyFile /path/to/www_example2_com.key
   SSLCertificateChainFile /path/to/DigiCertCA2.crt
</VirtualHost>

for Nginx-

server  {
        listen   443;
        server_name example2.org;

        root /usr/share/nginx/www;
        index index.html index.htm;

        ssl on;
        ssl_certificate /etc/nginx/ssl/example2.org/server.crt;
        ssl_certificate_key /etc/nginx/ssl/example2.org/server.key;
      }

Then you'll need to restart Apache / Nginx. You can check to make sure that you have a valid certificate installed for each of your domains by entering them in here:

https://www.sslshopper.com/ssl-checker.html

If these results are showing the SSL certificate, you can try navigating to your domain to check your secure connection.

If you are using wordpress, we do have this guide that you can follow:

https://linode.com/docs/websites/cms/configure-apache-to-run-multiple-wordpress-sites-on-one-linode/

Hi,

Thank you for your reply.
I am using CPanle. Can you please provide any guideline?

Thanks and regards,
Majid

You can accomplish this in cpanel with the following steps outlined here:

Step 1 : cPanel >> SSL/TLS Manager >> Generate CSR (Certificate Signing Request)

Step 2 : Purchase SSL certificate from the vendor using the newly generated CSR

Step 3 : cPanel >> SSL/TLS Manager >> Install and manage SSL for your site (HTTPS)
Select domain
We can see these things :
Warning : which all browser will not support SNI
Shared IP of the server

In option Choose a certificate file,Click on browse certificate
Select .crt file from the extracted file
Upload certificate

Step 4 : Go again to Manage SSL sites under SSL manager(New Option)
Select domain from drop Down
Click on autofill by domain
Copy certificate bundle and paste under Certificate Authority Bundle (CA Bundle)
Click on install certificate button

I hope that is helpful!

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct