Port numbers for SSL
5,858
Actually you CAN host multiple SSL sites on port 443. The following code in your apache config file will do the trick.
Otherwise, you can use whatever ports you want. The disadvantage will be that users will have to include the port number in the URL (eg. https://yourdomain.com:445/)
## SSL (HTTPS) PORT 443
Listen 443
NameVirtualHost *:443
LoadModule ssl_module modules/mod_ssl.so
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost *:443>
ServerName host1.com
SSLEngine on
SSLOptions +StrictRequire
SSLProtocol -all +TLSv1 +SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
SSLCertificateFile /etc/httpd/ssl/host1.crt
SSLCertificateKeyFile /etc/httpd/ssl/host1.key
SSLVerifyClient none
SSLProxyEngine off
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
DocumentRoot /var/www/host1/
<Directory "/var/www/host1/">
Options Indexes FollowSymLinks
AllowOverride All
Order Allow,deny
Allow from all
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName host2.com
SSLEngine on
SSLOptions +StrictRequire
SSLProtocol -all +TLSv1 +SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM
SSLCertificateFile /etc/httpd/ssl/host2.crt
SSLCertificateKeyFile /etc/httpd/ssl/host2.key
SSLVerifyClient none
SSLProxyEngine off
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
DocumentRoot /var/www/host2/
<Directory "/var/www/host2/">
Options Indexes FollowSymLinks
AllowOverride All
Order Allow,deny
Allow from all
</Directory>
</VirtualHost>
Related videos on Youtube
Author by
Cobus Kruger
Updated on September 18, 2022Comments
-
Cobus Kruger over 1 year
We have an existing web site with HTTP on port 80 and HTTPS on port 443. I'm adding a second site to that now, and from what I understand, I cannot host two sites on the same SSL port.
So my question is: which port number range is appropriate for me to use as my SSL port on the second site?
-
Simon Hayter about 11 yearsI could be wrong but a believe a valid SSL certification requires to be on port 443, and believe this is why shared hosting give you a dedicated IP address when purchasing a SSL. But.... this is not my field hopefully some other geeky person can confirm.
-
-
Cobus Kruger about 11 yearsThanks, but this is an IIS site. Any clue how I would go ahead to do the same?
-
Cobus Kruger about 11 yearsI did use host header names, and the two sites are in the form first.mycompany.com and second.mycompany.com. The problem is that on "Advanced Web Site Identification" there are three columns for HTTP (IP address, TCP port and Host header value) but only two for HTTPS (IP address and SSL port), so it doesn't actually seem to be possible from what I can see.