OT: Apache as reverse SSL proxy

Ryan Coleman ryan.coleman at cwis.biz
Tue Oct 5 07:32:14 UTC 2010


On Oct 5, 2010, at 2:05 AM, Adam Vande More wrote:

> On Tue, Oct 5, 2010 at 1:36 AM, Ryan Coleman <ryan.coleman at cwis.biz> wrote:
> 
>> 
>> On Oct 5, 2010, at 12:33 AM, Matthew Seaman wrote:
>> 
>>> Nowadays there is also the possibility of RFC2817 -- in essence you
>>> start an ordinary HTTP session, then issue a STARTTLS command and
>>> upgrade the connection to encrypted.  This will allow name-based virtual
>>> hosting with TLS to work as intended.  Unfortunately, last I checked,
>>> while apache supports this, most web browsers do not.
>> 
>> Throwing just my two bits in: Apache supports it, as does Firefox, and
>> nothing else (maybe Safari does...).
>> 
>> IE definitely does not. I looked into this before opting to go multiple
>> static IPs at home for my
>> webservers._______________________________________________
>> 
> 
> IE 7+ does however support RFC 3546(SNI), which is the defacto standard for
> accomplishing SSL name based vhosts.
> http://en.wikipedia.org/wiki/Server_Name_Indication

Only in Vista and later versions of Windows; Not XP. 


More information about the freebsd-questions mailing list