SSL Certificates Installation Instruction - Sambar

a. Fetch your certificate

1.You will receive an email when your certificate is issued.
2.Select the 'Standard certificate' format option to download your issued certificate.
3.Copy and Paste your WoSign certificate to a text editor (Notepad) and save the file as cert.pem

b. Install your certificate

The certificate file received from thawte must be placed in the config directory and either named cert.pem or the Certificate File parameter in the config.ini file must be modified to the name of the file containing the certificate. Similarly, the private key file must be named key.pem or the Private Key File parameter in the config.ini file must be modified.

Starting the HTTPS Server
The HTTPS server does not start by default, it must be enabled via the config.ini file entry Act As HTTPS Server = true. By default, the HTTPS server runs on port 443; this too can be changed via the config.ini entry HTTPS Port = 443.

SSL and Virtual Hosts
Presently, only a single private key and certificate file can be configured for the Sambar Server. As a result of this implementation, the SSL package cannot be used with virtual hosts. There appears to be a significant architectural limitation of SSL that prevents it from being used with virtual hosts. The problem is that the SSL handshake must come first (during which the CERT is exchanged) and then the HTTP header can be parsed; the HTTP Host: header is used to route the request to the appropriate virtual host. So a new CERT for each virtual host doesn't seem possible unless each host is associated with a separate IP address or server port.