I have a CentOS/Apache+OpenSSL server. I host two domain names with wildcard sub domains (application logic surfaces the correct site), e.g.
https://*.testing1.com
https://*.testing2.com
It works great over HTTP:-
<VirtualHost *:80>
# Admin email, Server Name (domain name) and any aliases
ServerAdmin webmaster@testing1.com
ServerName testing1.com
ServerName testing2.com
ServerAlias *.testing1.com *.testing2.com
# Index file and Document Root (where the public files are located)
DirectoryIndex index.html index.php
DocumentRoot /home/app/public_html/public
</VirtualHost>
I've purchased two Wildcard SSL certificated for both testing1.com and testing2.com, but I'm unsure how to set it up in this structure:-
<VirtualHost *.testing1.com:443>
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/*.testing1.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/*.testing1.com.key
SSLCACertificateFile /etc/httpd/ssl/geotrust.cer
ServerAdmin john@testing1.com
ServerName testing1.com
ServerAlias *.testing1.com
DirectoryIndex index.html index.php
DocumentRoot /home/app/public_html/public
</VirtualHost>
<VirtualHost *.testing2.com:443>
SSLEngine On
SSLCertificateFile /etc/httpd/ssl/*.testing2.com.crt
SSLCertificateKeyFile /etc/httpd/ssl/*.testing2.com.key
SSLCACertificateFile /etc/httpd/ssl/geotrust.cer
ServerAdmin john@testing2.com
ServerName testing2.com
ServerAlias *.testing2.com
DirectoryIndex index.html index.php
DocumentRoot /home/app/public_html/public
</VirtualHost>
The above for the SSL doesn't work, with the *.testing1.com definition, nor with just testing1.com.
I will also need to repeat this for testing2.com
Name-based virtualhosts and SSL wil only work if all the virtualhosts are within the same domain and you have a wildcard SSL certificate for that domain.
But you have 2 different domains.
In this case it will only work if you give each SSL-enabled virtualhost it's own IPaddress. So you should use IP-based virtualhosts, not Name-based.
Explanation: The ServerName which is requested, is contained in the HTTP request headers, but before that the SSL encryption must be already setup. So the ServerName is only available after the encryption has been setup. Therefore Apache can never know which SSL certificate te serve up and wil just use the first one available on that particular IPaddress.