OT: Apache as reverse SSL proxy
Adam Vande More
amvandemore at gmail.com
Tue Oct 5 07:05:04 UTC 2010
On Tue, Oct 5, 2010 at 1:36 AM, Ryan Coleman <ryan.coleman at cwis.biz> wrote:
>
> On Oct 5, 2010, at 12:33 AM, Matthew Seaman wrote:
>
> > Nowadays there is also the possibility of RFC2817 -- in essence you
> > start an ordinary HTTP session, then issue a STARTTLS command and
> > upgrade the connection to encrypted. This will allow name-based virtual
> > hosting with TLS to work as intended. Unfortunately, last I checked,
> > while apache supports this, most web browsers do not.
>
> Throwing just my two bits in: Apache supports it, as does Firefox, and
> nothing else (maybe Safari does...).
>
> IE definitely does not. I looked into this before opting to go multiple
> static IPs at home for my
> webservers._______________________________________________
>
IE 7+ does however support RFC 3546(SNI), which is the defacto standard for
accomplishing SSL name based vhosts.
http://en.wikipedia.org/wiki/Server_Name_Indication
--
Adam Vande More
More information about the freebsd-questions
mailing list