How To Set Up SSL on Multiple Sites / Virtual Hosts on Apache

This example uses Apache that comes with Bitnami’s WAPPStack (Windows, Apache, PHP, Postgres) installer.

Create your SSL certificate keys. Instructions on creating a self-signed SSL certificate are available in chapter 8.5 Creating a Self-Signed Certificate Key in O’reilly’s Website Cookbook. It uses openssl to create the certificate keys. If you are on Windows, you can install Cygwin and add the openssl package to follow the instructions.

Once you’ve created your SSL certificate keys, do the following:

1. In httpd.conf

Open the file httpd.conf and uncomment the following lines (remove the leading hash #).

[cc lang=”php”]LoadModule ssl_module modules/mod_ssl.so[/cc]

This link loads the ssl module

[cc lang=”php”]Include conf/extra/httpd-ssl.conf[/cc]

This line includes the SSL configuration file.

Include conf/extra/httpd-vhosts.conf

That’s where your virtual hosts / websites are defined.

2. In httpd-ssl.conf

Open the file httpd-ssl.conf and uncomment the following lines (remove the leading hash #).

[cc lang=”php”] Listen 443
SSLEngine on
[/cc]

and uncomment and specify the path to your certificate files on the following lines

[cc lang=”php”] SSLCertificateFile “C:/Program Files/BitNami WAPPStack/apache2/conf/server.crt”
SSLCertificateKeyFile “C:/Program Files/BitNami WAPPStack/apache2/conf/server.nopassword.key” // this is the private key without the password
[/cc]

3. In httpd-vhosts.conf

Open the file httpd-vhosts.conf and make sure you see this:

[cc lang=”php”] NameVirtualHost *:80
NameVirtualHost *:443
[/cc]

Add a virtual host container for each website as follows:

[cc lang=”html”]

ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot “C:UsersayahyaDocumentscorpsitewww”
ErrorLog “logs/corpsite-error.log”
CustomLog “logs/corpsite-access.log” common

php_value include_path “.;C:UsersayahyaDocumentscorpsitesrcdevmode;C:UsersayahyaDocumentscorpsitewwwlib”

#if you want to auto-redirect to SSL version, uncomment following lines

#RewriteEngine on

#RewriteCond %{HTTPS} !=on
#RewriteRule ^(.*)$ https://mysite2.com$1

ServerName mysite.com
ServerAlias www.mysite.com
DocumentRoot “C:UsersayahyaDocumentscorpsitewww”
ErrorLog “logs/corpsite-error.log”
CustomLog “logs/corpsite-access.log” common
SSLEngine on
SSLCertificateFile “C:/Program Files/BitNami WAPPStack/apache2/conf/server.crt”
SSLCertificateKeyFile “C:/Program Files/BitNami WAPPStack/apache2/conf/server.nopassword.key”

php_value include_path “.;C:UsersayahyaDocumentscorpsitesrcdevmode;C:UsersayahyaDocumentscorpsitewwwlib”

ServerName mysite2.com
ServerAlias www.mysite2.com
DocumentRoot “C:UsersayahyaDocumentscorpsitewww2”
ErrorLog “logs/corpsite-error.log”
CustomLog “logs/corpsite-access.log” common

php_value include_path “.;C:UsersayahyaDocumentscorpsitesrcdevmode;C:UsersayahyaDocumentscorpsitewwwlib”

#if you want to auto-redirect to SSL version, uncomment following lines

#RewriteEngine on

#RewriteCond %{HTTPS} !=on
#RewriteRule ^(.*)$ https://mysite2.com$1

ServerName mysite2.com
ServerAlias www.mysite2.com
DocumentRoot “C:UsersayahyaDocumentscorpsitewww2”
ErrorLog “logs/corpsite-error.log”
CustomLog “logs/corpsite-access.log” common
SSLEngine on
SSLCertificateFile “C:/Program Files/BitNami WAPPStack/apache2/conf/server.crt”
SSLCertificateKeyFile “C:/Program Files/BitNami WAPPStack/apache2/conf/server.nopassword.key”

php_value include_path “.;C:UsersayahyaDocumentscorpsitesrcdevmode;C:UsersayahyaDocumentscorpsitewwwlib”

[/cc]

The first container is for port 80 which is not secure. The second container is for port 443 which is secure. It includes SSL specific directives which include the path to your certificate and keys.

4. In hosts file

Don’t forget to update your hosts file by right-clicking on Notepad and selecting Run as Administrator and then do File > Open and paste in C:WindowsSystem32driversetchosts to open, edit, and save the file.

Then, restart Apache.

5. In httpd.conf

When you try to view your website, if you get the following error:

You don’t have permission to access / on this server

then open your Apache httpd.conf file and add

<Directory “C:UsersayahyaDocumentscorpsitewww”>
Options Indexes FollowSymLinks
AllowOverride All
Order allow,deny
Allow from all
</Directory>

and then restart Apache and try again.