One SSL listener - mulitple SSL Virtual Hosts

[Eric-A-R-M]

Hi there!

I'm facing an oddity when using multiple vhosts each with its own SSL certificate.

I find it strange that you have to set a SSL certificate in the SSL listener while you are setting SSL certificates in Virtual Hosts anyway. I would expect that only one setting either in the SSL listener or the Virtual Hosts should be necessary; with the Virtual Hosts settings overwriting whatever is set in the SSL listener.

As this doesn't seem to be possible I have set one of the certificates of one Virtual Host also in the SSL listener. This leads to some irritation as various SSL tests are reporting both certificates for the same domain (Virtual Host), example: https://www.ssllabs.com/ssltest/analyze.html?d=mmoatk.com&hideResults=on

The same behaviour was reported there: https://forum.openlitespeed.org/thr...dedicated-ssl-for-two-different-domains.3868/

Am I doing something wrong? Does this have any negative consequences? Can this be improved?

 

[Pong]

a SSL certificate on lister is a default one. You can override on virtual host level. If no override, VH will inheritate from lister one.

 

[Eric-A-R-M]

Thanks for the reply! I've understood how it works but I think it's very odd. If valid certificate was added on VH level there shouldn't be another certificate needed on Listener level for the whole system to work. But that's exactly what I'm experiencing. And the one added to the listener still appears in public SSL tests even when there is a valid certificate on the VH level.

 

[Pong]

listerner level ssl will be your default server level one, for example, your server's host name is www.mainserverhostname.com. Your server default one will need to be set.

At virtual host level, you might have 100 domains(100 virtual hosts), domain1.com, domain2.com etc.