MAIN MENU

Knowledgebase

Portal Home > Knowledgebase > SSL Certificates & Security > Can I have multiple SSL virtual servers on the same IP address and port number?

Can I have multiple SSL virtual servers on the same IP address and port number?

No. Each SSL enabled web site must have a unique IP address and port number combination, for the reasons detailed below:

With HTTP/1.1, web sites can be distinguished by their hostname, rather than just their IP address. This is done by passing the hostname of the requested site in the 'Host:' header field in the HTTP request. The web server uses the host header to determine which virtual server a particular request is for.

Unfortunately, when SSL is enabled, the entire HTTP request is encrypted. In order to decrypt the request, the web server needs access to the correct SSL key (each SSL enabled site has a different key). But if it were configured to host several SSL sites on the same IP address and port number, it would not be able to discover which site a particular request was for, and would therefore be unable to find the appropriate SSL key.

The web server needs the information in the host header to select the correct SSL key, but can't read the host header until it's decrypted it.

Therefore, SSL enabled virtual servers must be distinguished with unique IP address/port number combinations, and the Web Server will report an error if you should attempt to start two SSL enabled virtual servers on the same IP address and port number.



Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
What does the Warranty with SSL Certificates actually mean? (Views: 1560)
How to generate a CSR in cPanel 11 (Views: 1578)
What is an SSL Administrative Email? (Views: 1463)

Powered by WHMCompleteSolution

Language: