In my httpd.conf:
If I have my virtual host configured as:
NameVirtualHost *:80
<VirtualHost *:80>
ServerName foo.com
ServerAlias www.foo.com
Include conf.d/foo.conf
</VirtualHost>
<VirtualHost *:80>
ServerName bar.com
ServerAlias www.bar.com
Include conf.d/bar.conf
</VirtualHost>
Can I get by with a single domain SSL certificate or must I purchase a wildcard SSL certificate to handle the www subdomain?
I am now trying to configure the ssl.conf file, can I use name-based vhosts in my ssl.conf file like this:
NameVirtualHost *:443
<VirtualHost *:443>
ServerName foo.com
ServerAlias www.foo.com
...
Include conf.d/foo.conf
</VirtualHost>
<VirtualHost *:443>
ServerName bar.com
ServerAlias www.bar.com
...
Include conf.d/bar.conf
</VirtualHost>
or do I need IP based vhosts? If this is possible, what kind of cert would I need in order to do this?
Name based virtual hosts using SSL are possible, but require SNI : http://en.wikipedia.org/wiki/Server_Name_Indication
Depending on the browsers you expect to hit your site, you can use SNI). Otherwise, you need to use IP based vhosts. A self-signed cert will work, but typically a basic SSL cert (about $100, or less) will suffice.
If both sites are on the same IP address, your best option is to use a UC certificate that includes all four names (foo.com, www.foo.com, bar.com, www.bar.com). Then you don't have to worry about SNI which isn't fully supported yet or getting multiple IP addresses or getting a name mismatch error.