Is it possible to have both SSL protocol and non-SSL protocol running on the same server in Apache 2.x?
So if I access http://example.com
(non-SSL) and https://example.com
(SSL) they would both be available.
If so, would I need to create a virtual host? How would this VirtualHost
directive look like, could anyone give me an example? (Assuming I already have the certificates)
Yes, you simply add another VirtualHost for the same name on port 443 (HTTPS).
Set SSLProtocol
to whichever protocols you wish to allow.
<VirtualHost *:80>
ServerName your-domain.com
DocumentRoot /var/www/your-domain-root
</VirtualHost>
<VirtualHost *:443>
DocumentRoot /var/www/your-domain-root
ServerName your-domain.com
SSLEngine On
SSLOptions +StrictRequire
SSLCertificateFile /path/to/server.crt
SSLCertificateKeyFile /path/to/server.key
SSLProtocol TLSv1
</VirtualHost>