Same server, both SSL and non-SSL

Question

Is it possible to have both SSL protocol and non-SSL protocol running on the same server in Apache 2.x?

So if I access http://example.com (non-SSL) and https://example.com (SSL) they would both be available.

If so, would I need to create a virtual host? How would this VirtualHost directive look like, could anyone give me an example? (Assuming I already have the certificates)

Do you want the SSL and non-SSL addresses to access the same site? — austin1howard, Feb 03 '12 at 10:08
This is in no way related to programming and is offtopic here. — Eugene Mayevski 'Callback, Feb 03 '12 at 11:03
@EugeneMayevski'EldoSCorp: server programming CAN be called programming in the traditional sense. — Eduard Luca, Feb 03 '12 at 13:15
It's not programming, it's the configuration of an existing server application (Apache Httpd). — Bruno, Feb 03 '12 at 13:40
@EduardLuca No, it's not. Coffee making can't be called programming if coffee is often used for programming at night. — Eugene Mayevski 'Callback, Feb 03 '12 at 15:08

score 28 · Accepted Answer · answered Feb 03 '12 at 10:11

Yes, you simply add another VirtualHost for the same name on port 443 (HTTPS). Set SSLProtocol to whichever protocols you wish to allow.

<VirtualHost *:80>
    ServerName your-domain.com
    DocumentRoot /var/www/your-domain-root
</VirtualHost>

<VirtualHost *:443>
    DocumentRoot /var/www/your-domain-root
    ServerName your-domain.com
    SSLEngine On
    SSLOptions +StrictRequire
    SSLCertificateFile /path/to/server.crt
    SSLCertificateKeyFile /path/to/server.key
    SSLProtocol TLSv1
</VirtualHost>

Same server, both SSL and non-SSL

1 Answers1

Linked