two domain names - one IP - both SSL
Jan Grant
Jan.Grant at bristol.ac.uk
Fri Apr 30 04:30:30 PDT 2004
On Fri, 30 Apr 2004, Remko Lodder wrote:
> Dick Davies wrote:
>
> > * David Banning <david+dated+1083734386.829e4a at skytracker.ca> [0421 06:21]:
> >
> >>I am wondering how I could run SSL on two different domain names
> >>using just one IP address.
> >>
> >>I am using virtual hosting with apache.
> >>
> >>Is that possible?
> >
> >
> > No.
>
> Can someone explain to me then, that i had different https sites?
> covering IDS networks/ mail networks etc?
>
> I did that with <VirtualHost <ip>:443>
> Now then, that tended to work..
Your HTTP client is broken and isn't checking SSL certificates
correctly? Or you didn't meet the "one IP" requirement of the original
poster. Or you served up the same SSL certificate for every vhost.
HTTPS establishes an SSL connection with the server prior to _any_ HTTP
conversation. Since SSL requires a certificate which is linked to the
server host name, and the virtual host name hasn't been transmitted by
the client yet, there's no way short of ESP for the server to tell which
SSL certificate to use. There's a detailed explanation on the apache
website; but this isn't an apache failing so much as a general issue
with HTTP/SSL.
--
jan grant, ILRT, University of Bristol. http://www.ilrt.bris.ac.uk/
Tel +44(0)117 9287088 Fax +44 (0)117 9287112 http://ioctl.org/jan/
Political talk? / What is said can be unsaid / with good old BS
-- ASCII haiku
More information about the freebsd-questions
mailing list