====== Multiple SSL Virtual Hosts on one IP ======
If you get this error:
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: *.examplewebsite.com:443 (/etc/apache2/sites-enabled/2000-catch-all:24) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: ytest.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1200-ytest:34) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: test99.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1200-test99:23) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: aerp.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1200-erp:34) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: awiki.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1100-wiki:26) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: svnr.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1100-svn-repo:1) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: pmama.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1100-pma:26) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: olpdass.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1100-opass:26) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: masnais.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1100-mantis:34) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: examplewebsite2.com:443 (/etc/apache2/sites-enabled/1010-default:70) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: *.examplewebsite2.com:443 (/etc/apache2/sites-enabled/1000-catch-all:24) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: SSL server IP/port conflict: 73.122.192.125:443 (/etc/apache2/sites-enabled/0100-via-ip:24) vs. examplewebsite.com:443 (/etc/apache2/sites-enabled/2010-default:59)
[Tue Sep 08 22:42:28 2009] [warn] Init: You should not use name-based virtual hosts in conjunction with SSL!!
[Tue Sep 08 22:42:28 2009] [notice] Apache/2.2.8 (Ubuntu) DAV/2 SVN/1.4.6 PHP/5.2.4-2ubuntu5.7 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g configured -- resuming normal operations
Then read on!
[[http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts|Resource on this]]
However, although we get this error it seems to work!
Additional notes: It is not that in the above error is due to examplewebsite.com:443 configuration being invalid. If you remove virtual host examplewebsite.com you will then get the next virtual server in the error. examplewebsite happens to be the last one in this case.
This [[http://www.gossamer-threads.com/lists/apache/users/338633|thread]] has some explanation
----
A number of resources on SSL
[[https://search.thawte.com/support/ssl-digital-certificates/index?page=content&id=AR1115|thawte - SSL Web Server Certificate FAQs]]
[[http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Microsoft_IIS/Q_22096742.html|Why only one IP per SSL]]
[[http://forum.slicehost.com/comments.php?DiscussionID=3244|Do you need a dedicated IP for each subdomain]]
----
It is possible to have a single IP with multiple subdomains with wildcard SSL - not yet proven
It might be possible to have SSL with multi-subdomain using apache rewrite!
Search for "Server Name Indication" for some possible solutions
===== Update =====
With Apache 2.2.12 and support for the SNI (Server Name Indication) extension to the SSL protocol, you can configure name-based HTTPS sites, just as you can name-based HTTP sites. See [[http://www.techrepublic.com/blog/opensource/configure-apache-to-support-multiple-ssl-sites-on-a-single-ip-address/987|Reference]]. Here is a sample Apache configuration file:
Listen 443
NameVirtualHost *:443
SSLStrictSNIVHostCheck off
DocumentRoot /srv/www/example1.com/
ServerName www.example1.com
...
DocumentRoot /srv/www/example2.com/
ServerName www.example2.com
...
===== Testing SSL Sites =====
https://www.ssllabs.com/index.html