Multiple apache virtual hosts, multiple SSL certificates

MattS
March 31, 2014

We've got JIRA, Confluence and FishEye running on the same host. Three service names, e.g. jira.example.com, map to one IP address. Apache runs on the same server and terminates the SSL connection. We're using different cookie names for each service to avoid getting logged out of one when logging into another.

But we can't see how to get Apache to use the SSL cert with the right name. When I connect to https://conf.example.com Apache needs to use the cert for conf.example.com, not the one for jira.example.com.

Does anyone have any suggestions for how to do that? Our Apache doesn't appear to support SNI. The docs seem to suggest using IP based virtual hosts instead of named virtual hosts?

2 answers

1 vote
EddieW
March 31, 2014

You're right, Matt.

We have a single Apache install with a virtual IP assigned to our server for each app server behind the proxy. We then use IP virtual hosts, with each defining its own SSL config. This approach works without issue for us.

I thought name support was standard as of 2.2.x... what version of Apache are you running?

Andris Grinbergs
March 31, 2014

Hi,

I managed to solve this only by granting a separate (virtual) IP to each service. Then you can define a certificate set in every virtualhost.

Andris.
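
The IP-based layout described in the answer and comment above, as an added example that is not part of the original thread. The addresses (from the 192.0.2.0/24 documentation range), certificate paths, backend ports and the name fisheye.example.com are assumptions; each service name must resolve to its own address, and mod_ssl, mod_proxy and mod_proxy_http must be loaded.

```apache
# Added example: addresses, file paths and backend ports are assumptions.
# Without SNI, Apache must choose the certificate during the TLS handshake,
# before it has seen the Host header, so the destination IP address is the
# only thing it can select on. Do not add NameVirtualHost for these addresses.
Listen 192.0.2.10:443
Listen 192.0.2.11:443
Listen 192.0.2.12:443

<VirtualHost 192.0.2.10:443>
    ServerName jira.example.com
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/jira.example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/jira.example.com.key
    ProxyPreserveHost On
    ProxyPass        / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/
</VirtualHost>

<VirtualHost 192.0.2.11:443>
    ServerName conf.example.com
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/conf.example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/conf.example.com.key
    ProxyPreserveHost On
    ProxyPass        / http://127.0.0.1:8090/
    ProxyPassReverse / http://127.0.0.1:8090/
</VirtualHost>

<VirtualHost 192.0.2.12:443>
    # Hostname assumed; the thread does not give the FishEye service name.
    ServerName fisheye.example.com
    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/fisheye.example.com.crt
    SSLCertificateKeyFile /etc/ssl/private/fisheye.example.com.key
    ProxyPreserveHost On
    ProxyPass        / http://127.0.0.1:8060/
    ProxyPassReverse / http://127.0.0.1:8060/
</VirtualHost>
```

Keep each private key readable only by root, and confirm after a reload that every hostname presents the certificate issued for it.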

0 votes
Gaetano Giunta April 30, 2015

FYI, configuring Apache to use a single IP address and multiple SSL certs based on the hostname of the virtualhost is easily doable.

OTOH this will currently not work, as the Atlassian products will not be able to make appropriate https calls to those vhosts. The relevant issue is: https://jira.atlassian.com/browse/JRA-24515
