Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
How do I get a private IP to map to a public website I'm hosting so I can have separate SSL certificates.
I have a single public IP that I wish to run multiple vhosts on.
We have the URL's mapped to the public IP and if I just do simple
vhosts I can get the separate pages to load fine.
The problem is I want to use IP's and those IP's need to be private virtual IPs and I want SSL to work.
I've created a couple private virtual IP's that are pingable like 192.168.0.1 & 2
But I can't figure out how they are mapped together.
You can't, as you can't distinguish between the site being requested by an http client before the connection is established. You would conventionally either terminate the ssl generically at a seperate point infront of the vhosts, e.g. load balancer / ssl offload engine and use a single certificate with multiple hostnames on it.
I would tend to believe you but its being done. I just don't understand how.
On a site with 1 sever.
We have a bunch of separate SSL certificates and the sites are separated by private 192.168.1.XXX addresses but are accessed via public addresses but I don't understand how it works.
a few edited lines from /usr/sbin/httpd -S
192.168.1.52:80 is a NameVirtualHost
default server default ()
port 80 namevhost default ()
port 80 namevhost webmail ()
port 80 namevhost lists ()
port 80 namevhost SITE1_NAME1.COM ()
port 80 namevhost SITE1_NAME2.COM ()
192.168.1.52:443 is a NameVirtualHost
default server default-192-168-1-52 ()
port 443 namevhost default-192-168-1-52 ()
port 443 namevhost webmail ()
port 443 namevhost lists ()
port 443 namevhost SITE1_NAME1.COM ()
And this somehow works, but I haven't figured out how.
In /var/local/psa/var/certificates we have 27 separate certificates that show up on different site directives for SSLCertificateFile ...
So I'm not sure where this leaves me.
Does it help if I say that site is managed using plesk.
Not sure quite where to go as my knowledge says this is impossible, at least within the scope of Apache, and general logic of the high degree of seperation betwen HTTP and the S part.
I'd be interested in seeing something like a traffic capture of the SSL handshakes taking place, and seeing what certificate comes back from what IP address.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
