Tonight I decided to set up SSL on two internal web apps I’ve been running for a while. I have a wildcard certificate *.stockpr.com just for this purpose. Each app was originally running on a separate hostname on a single IP address on port 80.
After I started setting up SSL, I realized that I might run into trouble, because Apache has always said you can’t combine NameVirtualHost and SSL. The reason is that the SSL session is established before any HTTP headers are sent. NameVirtualHost relies on the HTTP Host header, which has not yet been sent while SSL is being negotiated, so Apache can only use a single SSL certificate per combination of IP address and port.
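The constraint described above, shown as an added configuration example that is not taken from the original post: two name-based virtual hosts share one IP and port 443 and both reference the same wildcard certificate, so the certificate chosen during the handshake is valid for either hostname. The hostnames `app1.stockpr.com` and `app2.stockpr.com`, the document roots and the certificate paths are hypothetical placeholders.

```apache
# Added example; hostnames and file paths are hypothetical placeholders.
Listen 443

# Required on Apache 2.2 for name-based vhosts; Apache 2.4 no longer needs it.
NameVirtualHost *:443

# The certificate is selected during the SSL handshake, before the Host
# header has been sent. Both vhosts point at the same wildcard certificate,
# so whichever one Apache uses for the handshake matches the requested name.
<VirtualHost *:443>
    ServerName app1.stockpr.com
    DocumentRoot /var/www/app1

    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/wildcard.stockpr.com.crt
    SSLCertificateKeyFile /etc/ssl/private/wildcard.stockpr.com.key
</VirtualHost>

# Routing to this vhost happens after decryption, using the Host header.
<VirtualHost *:443>
    ServerName app2.stockpr.com
    DocumentRoot /var/www/app2

    SSLEngine on
    SSLCertificateFile    /etc/ssl/certs/wildcard.stockpr.com.crt
    SSLCertificateKeyFile /etc/ssl/private/wildcard.stockpr.com.key
</VirtualHost>

# Caveat: *.stockpr.com covers exactly one label to the left of the domain.
# It matches app1.stockpr.com, but not stockpr.com itself and not
# a.b.stockpr.com; a vhost with such a name would produce a browser
# certificate name mismatch.
```

Running `apachectl configtest` checks the syntax before a reload, and requesting each hostname in a browser confirms that no certificate name warning appears.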