GnuTLS and mod_gnutls Install

The standard mod_ssl support that is built into Apache does not allow more than one certificate to be used and does not support virtual hosts. If you wish to have more than one certificate or support virtual hosts with HTTPS, you will instead need to install GnuTLS and mod_gnutls for TLS and SSL support. The prerequisite for this is libgcrypt (above).

Once you have either loaded libgcrypt and its development package from RPMs via your OS package installer, or downloaded and built the libgcrypt tar file, you should obtain the GnuTLS package from one of the mirror sites found at http://www.gnu.org/software/gnutls/download.html. Untar it in the top level source directory (e.g. /rpm/Apache):

     tar -xvjf gnutls-a.b.yy.tar.bz2

It will create a new directory for that version of gnutls. Switch to that directory and build gnutls:

     cd gnutls-a.b.yy
     ./configure --with-libgcrypt-prefix=/usr/local
     make

Here we show the "--with-libgcrypt-prefix" parameter being used to point the build to a version of libgcrypt that was built by you (in the step above). If you are using the standard system installed version of libgcrypt, you can probably omit this parameter.

Note that there appears to be a bug in the latest version of GnuTLS. The module lib/mac-libgcrypt.c tries to invoke gcry_md_open with a parameter of GCRY_MD_SHA224 at around line 123; however, the GCRY_MD_SHA224 flag is not defined by gcrypt.h, nor is the SHA-224 algorithm supported by libgcrypt. The solution, if you get a compile error, is to comment out the lines in error:

     /*ew
         case GNUTLS_DIG_SHA224:
           err = gcry_md_open ((gcry_md_hd_t *) ctx, GCRY_MD_SHA224, flags);
           break;
     */

Switch to super-duper user and install gnutls:

     su
     make install

Next, obtain the latest mod_gnutls package from:

     http://www.outoforder.cc/projects/apache/mod_gnutls/

Again, untar it in the top level source directory (e.g. /rpm/Apache):

     tar -xvzf mod_gnutls-a.b.yy.tar.gz

It will create a new directory for that version of mod_gnutls. Switch to that directory and build mod_gnutls. Note that the configure script is dain bramaged and does not work, despite setting --with-libgnutls to "/usr/local". To fix this problem, you must also set LD_LIBRARY_PATH:

     cd mod_gnutls-a.b.yy
     LD_LIBRARY_PATH=/usr/local/lib
     export LD_LIBRARY_PATH
     ./configure --with-apxs=/usr/share/httpd-m.n/bin/apxs \
                 --with-libgnutls=/usr/local
     make

Switch to super-duper user and install mod_gnutls:

     su
     make install

Note that you will have to load mod_gnutls as a DSO in the Apache config file (see below) and you will have to set LD_LIBRARY_PATH before you run Apache (usually in the httpd script in /etc/init.d -- see below), if you built newer libgcrypt and/or libgnutls libraries into a non-standard load library path (e.g. /usr/local/lib).
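
Both failure points in this section (gcrypt.h lacking GCRY_MD_SHA224, and the loader resolving libgnutls/libgcrypt somewhere other than /usr/local/lib) can be checked before building and before starting Apache. The shell functions below are an added example, not part of the original instructions or of either project; the /usr/local prefix comes from the text, while the function names and the location of mod_gnutls.so are assumptions.

```shell
#!/bin/sh
# Added example; function names and the module path are assumptions.

# gcrypt_has_sha224 PREFIX
# Returns 0 if PREFIX/include/gcrypt.h mentions GCRY_MD_SHA224 (no source
# edit needed), 1 if it does not (expect the compile error described
# above), 2 if the header cannot be read at all.
gcrypt_has_sha224() {
    hdr="$1/include/gcrypt.h"
    [ -r "$hdr" ] || return 2
    grep -q 'GCRY_MD_SHA224' "$hdr"
}

# check_ldd PREFIX   (reads `ldd` output on stdin)
# Prints one verdict per libgnutls/libgcrypt dependency:
#   OK      resolved under PREFIX/lib
#   STALE   resolved somewhere else, e.g. an older system copy
#   MISSING the loader could not find it (LD_LIBRARY_PATH not set)
# Returns 0 only if at least one such dependency was seen and all are OK.
check_ldd() {
    awk -v want="$1/lib/" '
        /libgnutls|libgcrypt/ {
            seen = 1
            if ($0 ~ /not found/)          { print "MISSING " $1; bad = 1 }
            else if (index($3, want) == 1) { print "OK " $1 " " $3 }
            else                           { print "STALE " $1 " " $3; bad = 1 }
        }
        END { if (seen && !bad) exit 0; exit 1 }
    '
}

# Typical use, run in the same environment the httpd init script sets up
# (the modules/ path below is an assumed location for the installed DSO):
#   gcrypt_has_sha224 /usr/local || echo "apply the mac-libgcrypt.c edit"
#   ldd /usr/share/httpd-m.n/modules/mod_gnutls.so | check_ldd /usr/local
```

A STALE verdict means Apache would start but serve TLS from the older library, so it is worth treating as a failure rather than a warning.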