The virtual host configuration directory contains a template /etc/apache2/vhosts
.d/vhost-ssl.template with SSL-specific directives that are extensively docu-
mented. Refer to Section "Virtual Host Configuration" (page 750) for the general virtual
host configuration.
To get started, copy the template to /etc/apache2/vhosts.d/mySSL-host
.conf and edit it. Adjusting the values for the following directives should be sufficient:
• DocumentRoot
• ServerName
• ServerAdmin
• ErrorLog
• TransferLog
IMPORTANT: Name-Based Virtual Hosts and SSL
It is not possible to run multiple SSL-enabled virtual hosts on a server with
only one IP address. Users connecting to such a setup receive a warning message
stating that the certificate does not match the server name every time they
visit the URL. A separate IP address or port is necessary for every SSL-enabled
domain to achieve communication based on a valid SSL certificate.
40.7 Avoiding Security Problems
A Web server exposed to the public Internet requires an ongoing administrative effort.
It is inevitable that security issues appear, both related to the software and to accidental
misconfiguration. Here are some tips for how to deal with them.
40.7.1 Up-to-Date Software
If there are vulnerabilities found in the Apache software, a security advisory will be
issued by SUSE. It contains instructions for fixing the vulnerabilities, which in turn
The Apache HTTP Server
779