From Schmid.wiki
Jump to: navigation, search

Ubuntu SSL Configuration

Apparently, SSL vhosts on the same IP doesn't work. So we create a single SSL certificate for all vhosts (using a wildcard DNS name).

We'll create an example server certificate for the vhosts *.awesome.dk:

openssl req -new -x509 -nodes -sha1 -days 1825 -key /etc/ssl/private/ssl-cert-snakeoil.key > /etc/ssl/certs/awesome.dk

The following information is entered:

You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:dk
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:Copenhagen
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Awesome Company
Organizational Unit Name (eg, section) []:Copenhagen Office
Common Name (eg, YOUR name) []:*.awesome.dk <- Common name now matches server name
Email Address []:someone@awesome.dk