HOWTO: Shared SSL certificate with client domains using soft symlink

mmerlin

Verified User
Joined
Jul 26, 2004
Messages
76
Location
Melbourne, Australia
I bought an SSL cert for my domain https://ecoms.com/

I wanted the SSL to work for the public_html directory instead of the private_html directory.

Thanks to a very informative post by BigWil
I made the required modifications to the first 2 lines of
virtual_host_secure.conf

Excellent we are up and running!

https://ecoms.com/

is then working from the public_html directory


Then doing a bit of thinking I thought, how can I share this SSL cert with my customers own directories/files

And here is what I came up with

I create a "soft" symlink called clientdomain.com in the ecoms directory

e.g.
cd /home/ecoms/domains/ecoms.com/public_html/
ln -s /home/clientuser/domains/clientdomain.com/public_html clientdomain.com

now in the browser we can go to
https://ecoms.com/clientdomain.com/

and it all works just great!

The only caveat I found is if clientdomain.com is using frames and the frame targets are referencing pages on their own website explicitly then you get a warning message in your browser.

But so long as clientdomain.com is using single pages and not frames, then it seems to work fine.


Note, although this example uses
https://ecoms.com/

it could just as easily be
https://www.ecoms.com/
or
https://secure.ecoms.com/

depending on what you nominated as the hostname for your SSL certificate when you purchased it, and ensuring you create the soft symlink in the correct directory that the SSL cert is working from.

Hope this helps someone out there :)
 
addendum

I also just now found it useful for a particular client site (oscommerce) to add a second symlink for the www.clientdomain.com

e.g.

ln -s /home/clientuser/domains/clientdomain.com/public_html www.clientdomain.com

It helped ensure all the graphics loaded properly
 
mmerlin said:
now in the browser we can go to
https://ecoms.com/clientdomain.com/

and it all works just great!

The only caveat I found is if clientdomain.com is using frames and the frame targets are referencing pages on their own website explicitly then you get a warning message in your browser.
Another caveat you may not have thought of...

Guess who's being charged for the data transit/bandwidth?

Of course a savvy client who knows this can always set all his links to work through your site so he'll only pay bandwidth charges on hits to his main page.

Jeff
 
Re: Re: HOWTO: Shared SSL certificate with client domains using soft symlink

jlasman said:
Guess who's being charged for the data transit/bandwidth?
Ah good one Jeff, I hadn't considered that aspect, thanks for mentioning it.

Not that I'm going to bother tracking it, but being pedantic if you really wanted to, I thought of one solution... configure webalizer to report ALL stats (no truncating after X rows) and then write a webalizer stats page analyzer which totals bandwidth usage for all pages within one directory of your website (i.e. the symlinked ones).

Fair bit of work there, but if bandwidth is a profit center for you then some kind of solution might be worthwhile.

In my case it's a lot easier to just charge the clients a flat fee for use of the shared SSL cert.
 
Back
Top