Multiple domains with SSL on same IP?

Yes, you can host multiple domains with SSL on the same IP address using Server Name Indication (SNI). SNI is an extension of the TLS protocol that allows a server to present multiple SSL certificates for different domains on a single IP address.

To set up multiple SSL-enabled domains on the same IP using SNI, you'll generally follow these steps:

1. Generate SSL certificates for each domain: Create SSL certificates for each domain you want to host. You can either obtain separate certificates from a Certificate Authority (CA) or generate self-signed certificates using OpenSSL.

2. Configure your web server: Configure your web server to use SNI and associate each SSL certificate with its respective domain.

   For example, with Apache or Nginx, you would set up your virtual hosts to specify the SSL certificate and the domain it should serve. Here's a simplified example for Apache:

    

   Copied!

   <VirtualHost *:443>
       ServerName www.example1.com
       ServerAlias example1.com
       SSLEngine on
       SSLCertificateFile /path/to/certificate1.crt
       SSLCertificateKeyFile /path/to/privatekey1.key
       # Other SSL configurations
       # ...
   </VirtualHost>
   
   <VirtualHost *:443>
       ServerName www.example2.com
       ServerAlias example2.com
       SSLEngine on
       SSLCertificateFile /path/to/certificate2.crt
       SSLCertificateKeyFile /path/to/privatekey2.key
       # Other SSL configurations
       # ...
   </VirtualHost>
   
   

   This way, the server can differentiate which certificate to provide based on the requested domain.

3. Enable SNI support: Ensure that your server and SSL library support SNI. Most modern servers (Apache, Nginx, IIS) and SSL libraries (OpenSSL, etc.) support SNI.

4. Testing: Test the configuration by accessing each domain in a browser that supports SNI. Most modern browsers support SNI, but some older versions or certain platforms might have issues.

While SNI allows multiple SSL certificates on a single IP, it's important to note that older browsers or systems that don't support SNI might encounter difficulties accessing the hosted domains. Always consider the compatibility requirements of your target audience when using SNI for hosting multiple SSL-enabled domains on the same IP address.

Got an article suggestion? Let us know

Explore more

SSL

Solved: curl: (35) ssl connect error

The main course of this problem is the outdated `curl` package on your system.

Questions

Solved: Error 526 Invalid SSL Certificate

Error 526 indicates Cloudflare is unable to successfully validate the SSL certificate on the origin web server and the SSL setting in the Cloudflare SSL/TLS app is set to Full SSL (Strict) for the website.

Questions

Solved: SSL_Error_rx_record_too_long

The usual cause is that the implementation of SSL on your server is not correct. The error is usually caused by a server-side problem which the server administrator will need to investigate.

Questions

Solved: ERR_SSL_VERSION_OR_CIPHER_MISMATCH

When you are accessing the HTTPS secured website a series of steps is taken in the background to ensure that the connection is safe and trusted. Some of these steps consist of checking certificates. If the browser does not believe that the connection would be secure it displays this error.

Questions

Solved: Invalid command ‘SSLEngine

This frequently happens on fresh Apache servers. When Apache starts it reads through the configuration files. When it encounters `SSLEngine` directive, it considers it as unknown. This is caused by the fact that the server’s basic configuration does not have `mod_ssl` module installed or enabled.

Questions

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.