• If you are still using CentOS 7.9, it's time to convert to Alma 8 with the free centos2alma tool by Plesk or Plesk Migrator. Please let us know your experiences or concerns in this thread:
    CentOS2Alma discussion

Shared SSL for Linux

G

grundy

Guest
Hi All

I know this question has been asked before, and I have searched for a solution both here and using Google but I could just do with getting other opinions before I embark on this.

I have a Redhat server with Plesk 9.3, I need to setup a single SSL protected domain and allow many other domains on the same server to use its certificate for encryption. I have seen that Plesk for Linux does not support shared SSL via the panel, and I have also seen that it may be possible to do this using symlinks or possibly mod_rewrite. The sites that need to access the SSL protected domain are all PHP running as FastCGI, if possible I'd simply like the URL's to be like:

https://ssl_domain.com/non_ssl_domain.com/

Is this possible using symlinks? And if not can anybody briefly explain why not?

As mentioned above I'd really just like somebody's opinion who has tried to do this before. What is the best approach to take to achieve this? Would a wildcard certificate and subdomains be a better idea?

I've setup a few dedicated SSL's using Plesk, so I know about unique IP's etc. just never had to setup something like this.

Any help, pointers or links are greatly appreciated.

Thanks
 
It should work with multile SNI as I know, just in Lighthttpd of PLESK is not enabled. I have asked for this, but dunno if they will enable or not in the future.
 
Thanks lvalics

Have to admit I wasn't aware of SNI, but from what I've been reading it doesn't appear to be an option.

I'm going to try the symlink route first, this is what I'm thinking:

1. Create a single SSL enabled domain on its own IP.
2. Create directories on the SSL domain for each of the other non-SSL domains.
3. Create symlinks between theses new directories and the httpsdocs directory for each domain.
4. Change ownership of each of the new directories to the ftp user of each domain.
5. Add allow follow symlinks to a vhost_ssl.conf for each domain.

Am I on the right track here? I'm a bit unclear on how the permissions need to be set to keep each users directory secure, but I intend to give this a try tomorrow to find out.

I think the above *should maybe* work.

Anybody able to tell me where I'm going wrong with the above thinking?

Thanks again.
 
Back
Top