4.2. Virtual hosts and HTTPS

This configuration uses Apache's "Virtual Host" feature. According to the manual:


The term Virtual Host refers to the practice of running more than one web site (such as www.company1.com and www.company2.com) on a single machine. Virtual hosts can be "IP-based", meaning that you have a different IP address for every web site, or "name-based", meaning that you have multiple names running on each IP address. The fact that they are running on the same physical server is not apparent to the end user.


With name-based virtual hosting, the server relies on the client to report the hostname as part of the HTTP headers.

--The Apache Manual 

It is common to use name-based virtual hosting for HTTP websites. For HTTPS, however, this causes a problem. The name used to select the correct virtual host is carried in the HTTPS traffic and is therefore encrypted. Before that traffic can be decrypted, the web server has to select an appropriate certificate to offer to the browser, but to do that it needs to know which site it is serving. This is a "Catch-22" situation. Because of this, it is necessary to use IP-based virtual hosting if a single web server needs to deal with more than one HTTPS website. This is achieved by not including the NameVirtualHost directive in the configuration.
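The following sketch shows what IP-based virtual hosting for two HTTPS sites looks like. It is an added example, not the configuration this document describes. The IP addresses (from the documentation range 192.0.2.0/24), document roots and certificate paths are assumptions, and the hostnames are the ones used in the manual's quote above.

```apache
# Added example: IP-based virtual hosts for two HTTPS sites.
# Addresses, directories and certificate paths are placeholders.

# No NameVirtualHost directive appears anywhere in this file, so each
# <VirtualHost> below is matched by destination IP address, not by the
# Host header the client sends inside the encrypted traffic.

Listen 192.0.2.10:443
Listen 192.0.2.11:443

# Site 1: the server knows from the destination address alone that
# this certificate is the one to offer.
<VirtualHost 192.0.2.10:443>
    ServerName www.company1.com
    DocumentRoot /var/www/company1
    SSLEngine on
    SSLCertificateFile    /etc/apache2/ssl/company1.crt
    SSLCertificateKeyFile /etc/apache2/ssl/company1.key
</VirtualHost>

# Site 2: a different address, so a different certificate can be
# chosen before anything has been decrypted.
<VirtualHost 192.0.2.11:443>
    ServerName www.company2.com
    DocumentRoot /var/www/company2
    SSLEngine on
    SSLCertificateFile    /etc/apache2/ssl/company2.crt
    SSLCertificateKeyFile /etc/apache2/ssl/company2.key
</VirtualHost>
```

Each hostname must resolve in DNS to its own address, and the private key files should be readable only by root. After a change, `apachectl -S` prints the resulting virtual host mapping so it can be checked against what was intended.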