
Many people think that you can’t serve several websites over HTTPS using just one IP address and virtual hosts, because the web server (Apache or whichever one you use) seems to use a random X.509 certificate instead of the one configured for each virtual host. If the domain of the certificate the web server chooses doesn’t match the one the user wants to access, the web browser shows a security warning, which is quite annoying.

The problem is that the SSL negotiation takes place right after the TCP/IP session is established and before the HTTP protocol begins, and at this point the web server still doesn’t know which domain ("Host:") the user wants or which certificate it should use.

The right way to do this is by using a single certificate valid for each and every domain served, by means of the subjectAltName attribute.

The following is a modified version of OpenVPN’s great easy-rsa script for generating and managing X.509 certificates, which lets you create multi-domain certificates with subjectAltName.
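The sketch below is an added example, not the modified easy-rsa script and not code from the original post: it shows one way to build a subjectAltName value, generate a self-signed multi-domain certificate with the openssl command line, and list the names it covers. The function names, file names and domains are constructed for illustration.

```shell
# Added example; function names, file names and domains are constructed.

# Build the subjectAltName value "DNS:a,DNS:b,..." from the arguments.
san_list() {
    out=""
    for d in "$@"; do
        # Accept only hostname characters (and "*" for wildcards), so a
        # stray "," or "IP:" prefix cannot smuggle in extra entries.
        case "$d" in
            ""|*[!A-Za-z0-9.*-]*) echo "invalid name: $d" >&2; return 1 ;;
        esac
        out="${out:+$out,}DNS:$d"
    done
    [ -n "$out" ] || return 1
    printf '%s\n' "$out"
}

# Print a minimal OpenSSL config: the first name becomes the CN and every
# name (including the first) is listed in subjectAltName.
san_config() {
    sans=$(san_list "$@") || return 1
    cat <<EOF
[ req ]
distinguished_name = dn
x509_extensions    = v3_san
prompt             = no
[ dn ]
CN = $1
[ v3_san ]
subjectAltName = $sans
EOF
}

# Generate a self-signed multi-domain certificate in directory $1, e.g.
#   make_san_cert /tmp/demo www.example.com example.org
make_san_cert() {
    dir=$1; shift
    san_config "$@" > "$dir/san.cnf" || return 1
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 30 \
        -config "$dir/san.cnf" \
        -keyout "$dir/multi.key" -out "$dir/multi.crt" 2>/dev/null
}

# List the DNS names a certificate is valid for.
cert_names() {
    openssl x509 -in "$1" -noout -text | grep -o 'DNS:[^,]*' | tr '\n' ' '
}
```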

Downloads:



3 Responses to “easy-rsa with subjectAltName support”


  1. 1 Maik
  2. 2 bisente

    What do you mean?

  1. 1 Several websites with HTTPS on a single IP | Jompeich d’er Bisente

Creative Commons Attribution-NonCommercial 2.5 Spain