Conductor serves many different sites at the University of Notre Dame, however, not all sites in Conductor are under the nd.edu umbrella — www.holycrossusa.org is one of them.
One problem that arose is that non-administrative users needed to securely access the site. As it was configured, anyone going to https://www.holycrossusa.org/ using the Chrome browser would see the following SSL certificate warning. Other browsers would give even more pessimistic notifications.
What was needed was a separate SSL certificate on the Conductor for www.holycrossusa.org. The big gotcha is that most other documentation I found says to set the NameVirtualHost to the server’s IP address. And that means the internal, or Local-IP address, as provided by the %A custom log format directive of Apache. If you use your server’s Public-IP address, things may not work.
Below is the relevant /etc/httpd.conf entries.
# Configuration for conductor.nd.edu NameVirtualHost [LOCAL-IP-ADDRESS-1]:80 NameVirtualHost [LOCAL-IP-ADDRESS-1]:443 <VirtualHost [LOCAL-IP-ADDRESS-1]:80> ServerName conductor.nd.edu ServerAlias *.conductor.nd.edu Include conf/apps/conductor.common </VirtualHost> <VirtualHost [LOCAL-IP-ADDRESS-1]:443> ServerName conductor.nd.edu ServerAlias *.conductor.nd.edu Include conf/apps/conductor.common RequestHeader set X_ORIGINAL_PROTOCOL https SSLEngine on SSLCertificateFile /path/to/conductor.crt SSLCertificateKeyFile /path/to/conductor.key SSLCACertificateFile /path/to/conductor.intermediate.crt </VirtualHost> # Configuration for www.holycrossusa.org NameVirtualHost [LOCAL-IP-ADDRESS-2]:80 NameVirtualHost [LOCAL-IP-ADDRESS-2]:443 <VirtualHost [LOCAL-IP-ADDRESS-2]:80> ServerName www.holycrossusa.org ServerAlias www.holycrossusa.org Include conf/apps/conductor.common </VirtualHost> <VirtualHost [LOCAL-IP-ADDRESS-2]:443> ServerName www.holycrossusa.org ServerAlias holycrossusa.org Include conf/apps/conductor.common RequestHeader set X_ORIGINAL_PROTOCOL https SSLEngine on SSLCertificateFile /path/to/holycrossusa.org.crt SSLCertificateKeyFile /path/to/www.holycrossusa.org.key SSLCACertificateFile /path/to/holycross.intermediate.crt </VirtualHost>