Using mod_rewrite to Mimic SSL Virtual Hosts?

Question

What is the best way to transparently rewrite a URL over an SSL connection with Apache 2.2?

Apache 2 does not natively support multiple name-based virtual hosts for an SSL connection and I have heard that mod_rewrite can help with this. I would like to do something like this:

I have set up the server so that the sites can be accessed by

https://secure.example.com/dbadmin

but I would like to have this as https://dbadmin.example.com

How do I set it up so that the Rewrite rule will rewrite dbadmin.example.com to secure.example.com/dbadmin, but without displaying the rewrite on the client's address bar (i.e. the client will still just see dbadmin.example.com), all over https?

Answer 1

Configure a single VirtualHost to serve both secure.example.com and dbadmin.example.com (making it the only *:443 VirtualHost achieves this). You can then use mod_rewrite to adjust the URI for requests to dbadmin.example.com:

<VirtualHost *:443>
    ServerName secure.example.com
    ServerAlias dbadmin.example.com

    RewriteEngine on
    RewriteCond %{SERVER_NAME} dbadmin.example.com
    RewriteRule !/dbadmin(.*)$ /dbadmin$1
</VirtualHost>

Your SSL certificate will need to be valid for both secure.example.com and dbadmin.example.com. It can be a wildcard certificate as mentioned by Terry Lorber, or you can use the subjectAltName field to add additional host names.

If you're having trouble, first set it up on <VirtualHost *> and check that it works without SSL. The SSL connection and certificate is a separate layer of complexity that you can set up after the URI rewriting is working.

Answer 2

Unless your SSL certificate is the "wildcard" or multi-site kind, then I don't think this will work. The rewrite will display in the browser and the name in the address bar must be valid against the certificate, or your users will see a security error (which they can always accept and continue, but that doesn't sound like what you'd like).

More here.