Is there any way to make multiple ssl certificates on one physical server, with one ip address, but several domains? The task is to connect to the server encrypted. The problem is that all domain names are physically located on the same server, and have the same physical address.

Found on the Internet that there is a technology - Server_Name_Indication . But it is necessary to do it or not, it is not clear. What is the sequence of actions. Explain, please.

enter image description here

  • one
    Perhaps here , you will find a solution. My certbot quietly generates certificates for 3 domains on the same machine with one ip, while they are normally recognized. - Andrey

1 answer 1

SNI understands all modern browsers. In this direction you do not need to do anything. And a certificate is not tied to an IP address at all, that is, you can serve as many domains as you wish on one address and any of these domains can be blown to other addresses.

Note that you will need to make certificates for all your HTTPS-enabled domains. The easiest way - Let's Encrypt

  • I understand that it will be necessary to make a certificate, but how to add it to Apache, and it is not clear to link it to the domain. - spectre_it
  • @spectre_it digicert.com/ssl-support/…, example # 1. - Alexander Prokoshev