Hi,

I have a custom vhost module using ap_hook_translate_name and sql lookup. This 
is enabled through a single VirtualHost section in config.

Now I need to add ssl certificates with SNI on selected sites / domains. What's 
the best way to go about this?

I looked a little at the mod_ssl source code, and it seems it does a lot of 
preprocessing on config stage, and relies on a combination of VirtualHost and 
ServerName / Alias directives.
I suppose this means that mod_ssl wouldn't work with grabbing certificates 
based on a path stored in sql on-the-fly.

So, what's the best way to approach this?

Do I hook into config processing in my vhost module and generate "fake" 
virtualhost entries based on database data? The minus here is I can't make 
changes in db without reloading httpd config.

Or, do I edit mod_ssl to check sql in addition to virtualhosts, and read / 
prepare a certificate context on the fly? Maybe cache these for next time the 
same domain is requested?

Or something completely different? :)

To sum up:

Database Table (Domain varchar, DocumentRoot varchar, CertificatePath varchar, 
KeyPath varchar)

No <VirtualHost> section per domain/site.

Need my mod_custom_vhost or mod_ssl to check this table for certificates and 
add to list processed by mod_ssl during SNI.

--
Best regards,

Michael
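
An added sketch of the "look up on the fly and cache" option raised in the post, not code from the post or from mod_ssl. It goes beyond the question by treating the SNI name as untrusted client input: the name is normalised and validated before it is used as a SQL or cache key, and the cache has a fixed size. The table rows, `site_for_sni` and every other name here are hypothetical, and a real module would cache a prepared certificate context rather than the table row.

```c
#include <ctype.h>
#include <string.h>

#define MAX_NAME 253   /* longest DNS name */
#define CACHE_SLOTS 4  /* fixed bound; tiny for the demo */
struct site { const char *domain, *cert_path, *key_path; };
/* Constructed rows standing in for the SQL table described in the post. */
static const struct site TABLE[] = {
    {"example.com", "/constructed/example.com.crt", "/constructed/example.com.key"},
    {"shop.example.org", "/constructed/shop.crt", "/constructed/shop.key"},
};
static int db_queries; /* simulated SQL round trips */
static const struct site *db_lookup(const char *name) {
    db_queries++;
    for (size_t i = 0; i < sizeof TABLE / sizeof TABLE[0]; i++)
        if (strcmp(TABLE[i].domain, name) == 0) return &TABLE[i];
    return NULL;
}

/* Lowercase, drop one trailing dot, allow only well-formed LDH labels. 0 if valid. */
static int normalize_sni(const char *in, char *out, size_t outsz) {
    size_t n = in ? strlen(in) : 0;
    if (n && in[n - 1] == '.') n--;
    if (n == 0 || n > MAX_NAME || n >= outsz) return -1;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)in[i];
        int edge = i == 0 || i == n - 1 || in[i - 1] == '.' || in[i + 1] == '.';
        if (isalnum(c)) out[i] = (char)tolower(c);
        else if ((c == '-' || c == '.') && !edge) out[i] = (char)c;
        else return -1;
    }
    out[n] = '\0';
    return 0;
}

static struct slot { char name[MAX_NAME + 1]; const struct site *site; } cache[CACHE_SLOTS];
static size_t next_slot; /* round-robin replacement index */
/* Row for an SNI name, or NULL so the caller serves its default certificate. */
const struct site *site_for_sni(const char *sni) {
    char name[MAX_NAME + 1];
    if (normalize_sni(sni, name, sizeof name) != 0) return NULL; /* never reaches SQL */
    for (size_t i = 0; i < CACHE_SLOTS; i++)
        if (cache[i].site && strcmp(cache[i].name, name) == 0) return cache[i].site;
    const struct site *s = db_lookup(name);
    if (s) { /* cache only known domains, so random names cannot evict them */
        struct slot *e = &cache[next_slot++ % CACHE_SLOTS];
        strcpy(e->name, name); e->site = s;
    }
    return s;
}
```

Unknown but well-formed names are not cached here, so each one still costs a query; a production version would rate-limit or negatively cache those separately.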
