# 1개의 물리적인 리눅스 서버에 다수 도메인의 도메인별 보안인증서 설치(멀티SSL아님)
<IfDefine SSL>
Listen 80
Listen 443
Listen 444
Listen 445
Listen 446
</IfDefine>
# SSL 사용하고자 하는 포트번호를 Listen해준다.
<IfDefine SSL>
##
## SSL Virtual Host Context
##
## ---------- 글쓴이 : 브이디자인(http://www.vdesign.co.kr) ----------
<VirtualHost 111.111.111.111:443>
DocumentRoot "/www/aaa"
ServerName www.aaa.co.kr
ServerAlias aaa.co.kr
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache/conf/ssl.crt/www.aaa.co.kr.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/www.aaa.co.kr.key
SSLCACertificateFile /usr/local/apache/conf/ssl.crt/QuickTrustSSL_Bundle.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
<VirtualHost 111.111.111.111:444>
DocumentRoot "/www/bbb"
ServerName www.bbb.com
ServerAlias bbb.com
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache/conf/ssl.crt/www.bbb.com.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/www.bbb.com.key
SSLCACertificateFile /usr/local/apache/conf/ssl.crt/bbb.ca-bundle.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
<VirtualHost 111.111.111.111:446>
DocumentRoot "/www/ccc"
ServerName www.ccc.co.kr
ServerAlias ccc.co.kr
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile /usr/local/apache/conf/ssl.crt/www.ccc.co.kr.crt
SSLCertificateKeyFile /usr/local/apache/conf/ssl.key/www.ccc.co.kr.key
SSLCACertificateFile /usr/local/apache/conf/ssl.crt/ccc.ca-bundle.crt
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/usr/local/apache/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
</VirtualHost>
</IfDefine>
# 각 포트번호 버츄얼 호스트 설정, SSL 파일 경로설정
# httpd.conf 수정 후 에러 테스트 명령 : apachectl configtest
# 아파치 서버 중지 : apachectl stop
# 아파서 서버 시작(SSL포함) : apachectl startssl
# 방화벽사용시 SSL용 포트번호 허용 점검