Using one SSL certificate on the server is pretty easy, but what when we want to use SVN with apache and run the site which requires a payment system? Check if you do not have a second IP address before renting next server. Fortunately – Fasthosts give it for all servers.
Configuration happened to not be very complicated.
* server with two IP addresses
* apache(2) with working SSL on one server
Configuring the second IP address on Gentoo
If one has two Ethernet cards there is just a need to use them, The „not so standard“ part is when there is only one Ethernet card and more IP addresses pointing to it.
In gento one has to edit the /etc/conf.d/net file and add alias to the existing ethX, in my case – eth0.
config_eth0=( "xxx.xxx.xxx.89 netmask 255.255.252.0 brd xxx.xxx.yyy.255" "xxx.xxx.xxx.88 netmask 255.255.252.0 brd xxx.xxx.yyy.255" )
Restart the network services
Then ifconfig should show both IP addresses the aliased one as eth0:1
eth0 Link encap:Ethernet HWaddr 00:30:05:zz:zz:zz inet addr:xxx.xxx.xxx.89 Bcast:xxx.xxx.yyy.255 Mask:255.255.252.0 [...] eth0:1 Link encap:Ethernet HWaddr 00:30:05:zz:zz:zz inet addr:xxx.xxx.xxx.88 Bcast:xxx.xxx.yyy.255 Mask:255.255.252.0
Taken from gentoo-wiki
cd /etc/apache2/ssl/ openssl genrsa -out server.key 1024 openssl rsa -in server.key -out server.pem openssl req -new -key server.pem -out server.csr chmod 600 server.*
Fill all needed information (do remember that the common name (CN) is the exact name of your website).
Use the server.csr to buy certificate or sign it on your own:
openssl x509 -req -days 365 -in server.csr -signkey server.pem -out server.crt
Apache2 version before 2.2
Apache2 version 2.2
Change _default_ in <VirtualHost _default_:443> to <VirtualHost xxx.xxx.xxx.88:443>
Copy whole Virtual Host section and change the IP of the second section VirtualHost definition.
Remember to change the SSLCertificateFile and SSLCertificateKeyFile values in the second VirtualHost section to point to the right certificate files
Restart apache and voila!