twantrd,
I have successfully configured VirtualHost. Now, when I typein
www.company1.com on my browser I get to see the www.company1.com's DocumentRoot. And the same thing happened on
www.company2.com. Now, my problem is that it seems that the two websites still shares the same certificate. How can I configure the server to use different certs on each site? Here's my ssl.conf. Hope you can tell me if this is secure enough. I also notice that https is really slow compared to the traditional http. Maybe because of the encryption which makes it really slow. I also heard from Steve Gibson that it is possible to generate a certificate for each client to be installed on his' browser just for him to access the site. Have you tried this before and how were you able to do this? Thanks and hope you can help me out.
LoadModule ssl_module modules/mod_ssl.so
Listen 443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache dbm:/var/cache/mod_ssl/scache
SSLSessionCacheTimeout 300
SSLMutex file:logs/ssl_mutex
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
#SSLRandomSeed startup file:/dev/random 512
#SSLRandomSeed startup file:/dev/urandom 512
#SSLRandomSeed connect file:/dev/random 512
#SSLRandomSeed connect file:/dev/urandom 512
NameVirtualHost *:443
<VirtualHost *:443>
DocumentRoot "/var/www/company1"
ServerName
www.company1.com
ServerAdmin
admin@company1.com
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/conf/ssl.crt/honda.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/honda.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>
<VirtualHost *:443>
DocumentRoot "/var/www/company2"
ServerName
www.company2.com
ServerAdmin
admin@company2.com
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /etc/httpd/conf/ssl.crt/iadi.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/iadi.key
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
</VirtualHost>