One SSL certificate (one domain) for two servers?

I have two servers. On SERVER1 i have configured SSL certificate (on Apache) for domain htps://somedomain.com. I need to connect to my working domain some app that exists on remote server SERVER2 - working app for example: htps://remoteapps.com/remoteApp. I used mod_proxy to do it, but SSL certificate doesn't work.

ProxyPass /remoteApp  ht*ps://remoteapps.com/remoteApp
ProxyPassReverse /remoteApp  ht*ps://remoteapps.com/remoteApp

How to make certificate for ht*ps://somedomain.com/remoteApp work too ?

------- Resolved -------

Finally I did what i describe above using mod_jk. My Apache configuration (with SSL):

<IfModule mod_jk.c>
   JkWorkersFile /etc/apache2/workers.properties
</IfModule>

<IfModule mod_ssl.c>
<VirtualHost *:443>
        ServerName  somedomain.com
        DocumentRoot /var/www
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

        SSLEngine on
        SSLCertificateFile    /etc/ssl/certs/somedomain.com.pem
        SSLCertificateKeyFile /etc/ssl/private/somedomain.com.key
        SSLCACertificateFile  /etc/ssl/certs/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.pem

        <IfModule mod_jk.c>
                JkLogFile     /var/log/apache2/mod_jk.log
                JkLogLevel    info
                JkMount /remoteApp ajp13
                JkMount /remoteApp/* ajp13
        </IfModule>

</VirtualHost>
</IfModule>

and workers.properties:

worker.ajp13.type=ajp13
worker.ajp13.host=remoteapps.com
worker.ajp13.port=8009

Now i can access remoteApp with url ht*ps://somedomain.com/remoteApp and certificate works! Maybe this help someone.


Solution 1:

You need one of:

  • Another SSL Certificate for the second domain (ie a Cert for remoteapps.com)
  • A Cert with SAN, that's multiple domain names (ie a Cert for both remoteapps.com and domain.com). This is sometimes called a UCC cert.