The problem with multiple SSL on the same IP

If there are several sites with SSL on the same IP address, then old ancient browsers that do not support SNI will not be able to determine which certificate to download and will most likely download the first one that is registered at the beginning of the web server configuration.

To solve this problem, you need to transfer sites to different IP addresses or specify the path to the certificate of the most necessary site in front of the certificates of other nodes in the Apache2 configuration file.

If cPanel is used, then you do not need to edit the configuration manually, since it will be reset after the next update or settings, in this case, in the WHM panel in the “SSL/TLS” – “Manage SSL sites” menu, click on the “Make Primary” button and in the Apache2 configuration path to the certificate of this node will automatically move before the certificates of other nodes.

See also my article:
Installing Certbot in Ubuntu

Did my article help you? How about buying me a cup of coffee as an encouragement? Buy me a coffe.

Leave a comment

Leave a Reply