You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Vinay Purohit <Vi...@trianz.com> on 2008/03/30 09:36:57 UTC

[users@httpd] Name-based virtual hosting with SSL

Hi,

Why Name-based virtual hosting cannot be used with SSL secure servers ?

\Vinay

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Name-based virtual hosting with SSL

Posted by Joshua Slive <jo...@slive.ca>.

On Sun, Mar 30, 2008 at 3:36 AM, Vinay Purohit <Vi...@trianz.com> wrote:
>
>  Hi,
>
>  Why Name-based virtual hosting cannot be used with SSL secure servers ?

Because in order to choose the correct certificate to negotiate the
secure connection, the server must know what name to use. But the name
in the request is only available after the secure connection has been
negotiated.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Name-based virtual hosting with SSL

Posted by John Almberg <ja...@identry.com>.

It can be, but you have to use a non-standard port if you have more  
than one domain on the IP address. I do this for internal use, but as  
someone recently pointed out, some corporate firewalls block non- 
standard ports, so you can't depend on this technique for commercial  
sites that must reach a wide audience.

-- John

On Mar 30, 2008, at 3:36 AM, Vinay Purohit wrote:

>
> Hi,
>
> Why Name-based virtual hosting cannot be used with SSL secure  
> servers ?
>
> \Vinay
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server  
> Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Websites for On-line Collectible Dealers
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Identry, LLC
John Almberg
(631) 546-5079
jalmberg@identry.com
www.identry.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org