We have RHEL 5.X in our setup.

1) I have an important query that would a server require only 1 SSL certificate or is it that there have to be different SSL certificates for the URL’s hosted on the server? Say for a server www.example.com, there could be different URL’s like www.example1.com & www.example2.com configured using the concept of named based virtual hosting where the HTTP configuration file /etc/httpd/conf/httpd.conf would have the required entries.

So, would 1 SSL certificate be sufficient for the server or multiple SSL certificates for www.example.com, www.example1.com & www.example2.com would be required?

2) I placed 1 file into /etc/www/html/index.html containing “Hello world”. There is also a default localhost.crt file in /etc/pki/tls/certs which comes with a installation of mod_ssl package. The access to http://localhost & https://localhost gives “Hello world”. I moved the localhost.crt to /tmp folder but still the access to http://localhost & https://localhost gives “Hello world”.

Please help with the above 2 queries.

Requesting a reply to my query.

Regards

If you looked up how to generate an SSL certificate, you would see that the domain name is part OF the certificate. Since you are using different domains, it is VERY OBVIOUS that you would need different certificates for each domain.

Since you've got a 'certification', and you claim to be paying for L3 support from Red Hat, you are also paying for access to their online knowledge base. Which has instructions on how to do what you're wanting to do. Did you TRY to look this up???
https://access.redhat.com/documentat...ratingkey.html
And what, exactly, is the issue here? You moved a file...did you restart apache??? If you didn't the certificate is still loaded. And did you check the apache logs??

The link you sent of Red Hat is for SSL certificate generation, I am fine with it. I may not be an expert like you to have figured out the complete implications of the domain name field.

1 thing which I noticed subsequently and missed in my post is that after moving the localhost.crt to /tmp folder, the httpd service is not starting. The log in /var/log/httpd/error_log is not showing anything relevant.

The certificate line file was commented, I had overlooked it. Now the httpd has started.

Regards

I understood that for different domains like www.example.com & www.example1.com, separate SSL certificates would be required. But how about, URL's like abc.example.com & bcd.example.com.

Please reply to my query whether separate SSL certificates would be required or not for the example sites as abc.example.com & bcd.example.com.

Regards

So if you know/knew that each domain needs its own certificate, why ask? Especially since the RHEL documentation also explains this.
...which is because you moved the certificate, so apache will NOT start. You did fail to mention that in your last post.
Which is as expected.
First you say you read and understood that each domain needs a separate certificate, and you get an answer that says YES, they OBVIOUSLY DO, and get pointed to the Red Hat documentation that ALSO says this....so you ask the same question AGAIN????

abc.example.com and bcd.example.com are DIFFERENT DOMAIN NAMES. Different names = different certificate. AGAIN, as you've been told before, look in the Red Hat knowledgebase, which you are PAYING FOR ACCESS TO, and which has answers to these questions.

1 members found this post helpful.