Self signed cert for multiple websites

Keith Smith techlists at phpcoderusa.com
Sat Jul 4 09:41:18 MST 2015 

On 2015-07-04 08:53, Stephen Partington wrote:
> https://blog.celogeek.com/201209/209/how-to-create-a-self-signed-wildcard-certificate/
> [2]


After reading a bit about this I assume I use the host name which is 
something like servername.domain.local.

When asked "Common Name (eg, your name or your server's hostname) []:" I 
enter *.domain.local. (hostname)

Which will create a server wide wild card cert that will work with 
MyTestSite.local, MyOtherSite.local ... etc.  Do I understand correctly? 
  And should work with sub-domains as well such as shop.MyTestSite.local, 
shop.MyOtherSite.local... etc.

One cert for all.

Thanks again for all your help!!

Keith


> 
> On Sat, Jul 4, 2015 at 8:39 AM, Keith Smith
> <techlists at phpcoderusa.com> wrote:
> 
>> On 2015-07-04 07:53, Stephen Partington wrote:
>> 
>>> As long as the "domain" remains the same the same cert should
>>> work.
>>> Once that changes you will need a new cert.
>> 
>> I will be creating multiple test sites.  Each with a unique domain
>> such as mytestsite.local and anothertestsite.local, each having it's
>> own virtual host and docroot.
>> 
>> How do I create a unique cert for each domain?
>> 
>> There is a number of questions that are asked during the cert
>> creation.
>> 
>> Country Name (2 letter code) [GB]:
>> State or Province Name (full name) [Berkshire]:
>> Locality Name (eg, city) [Newbury]:
>> Organization Name (eg, company) [My Company Ltd]:
>> Organizational Unit Name (eg, section) []:
>> Common Name (eg, your name or your server's hostname) []:
>> Email Address []:
>> An optional company name []:
>> 
>> I assume what makes each cert unique is the answer to "Common Name
>> (eg, your name or your server's hostname)".  I enter the domain
>> name not the FQDN or hostname of the server.
>> 
>> Or maybe each cert is unique and by associating it with the domain
>> and adding the excretion to the browser is all that is needed?????
>> 
>> I am rather new to creating self signed certs and the above is an
>> assumption.
>> 
>> Any guidance is much appreciated.
>> 
>> Keith
>> 
>> On Sat, Jul 4, 2015 at 6:04 AM, Keith Smith
>> <techlists at phpcoderusa.com> wrote:
>> 
>> Hi,
>> 
>> I've configured a VM using VirtualBox and it is running CentOS 6.6.
>> 
>> To create the self signed cert I followed 3 steps:
>> 
>> 1) mkdir /etc/httpd/ssl
>> 
>> 2) cd /etc/httpd/ssl
>> 
>> 3) openssl req -x509 -nodes -days 4000 -newkey rsa:2048 -keyout
>> /etc/httpd/ssl/name-of-my-test-site.key -out
>> /etc/httpd/ssl/name-of-my-test-site.crt
>> 
>> I've tested the cert and it works.
>> 
>> Now I want to add more test sites to my VM.
>> 
>> I've done some research and am not finding any information about
>> how to configure the self signed cert(s) for multiple sites.  From
>> reading the docs it appears that I create one cert for the box and
>> it will be used by all the sites on my box (test/dev VM).  Is this
>> true or do I need to create a cert specific for each virtual
>> host? 
>> If I need to create a cert for each virtual host, how do I do so?
>> 
>> Thank you so much for all your help!!
>> 
>> --
>> Keith Smith
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1] [1]
>> 
>> --
>> 
>> A mouse trap, placed on top of your alarm clock, will prevent you
>> from
>> rolling over and going back to sleep after you hit the snooze
>> button.
>> 
>> Stephen
>> 
>> Links:
>> ------
>> [1] http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1]
>> 
>> ---------------------------------------------------
>> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>> To subscribe, unsubscribe, or to change your mail settings:
>> http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1]
> 
>  --
>  Keith Smith
>  ---------------------------------------------------
>  PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
>  To subscribe, unsubscribe, or to change your mail settings:
>  http://lists.phxlinux.org/mailman/listinfo/plug-discuss [1]
> 
> --
> 
> A mouse trap, placed on top of your alarm clock, will prevent you from
> rolling over and going back to sleep after you hit the snooze button.
> 
> Stephen
> 
> 
> 
> Links:
> ------
> [1] http://lists.phxlinux.org/mailman/listinfo/plug-discuss
> [2]
> https://blog.celogeek.com/201209/209/how-to-create-a-self-signed-wildcard-certificate/
> 
> ---------------------------------------------------
> PLUG-discuss mailing list - PLUG-discuss at lists.phxlinux.org
> To subscribe, unsubscribe, or to change your mail settings:
> http://lists.phxlinux.org/mailman/listinfo/plug-discuss

-- 
Keith Smith

More information about the PLUG-discuss mailing list