You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rb...@apache.org on 2012/03/05 02:20:58 UTC
svn commit: r1296922 - in /httpd/httpd/branches/2.4.x/docs/manual/ssl:
ssl_faq.html.en ssl_faq.xml
Author: rbowen
Date: Mon Mar 5 01:20:57 2012
New Revision: 1296922
URL: http://svn.apache.org/viewvc?rev=1296922&view=rev
Log:
As per https://issues.apache.org/bugzilla/show_bug.cgi?id=51746 mention
that subjectAltName and wildcard certs are viable solutions.
Modified:
httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.html.en
httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.xml
Modified: httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.html.en?rev=1296922&r1=1296921&r2=1296922&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.html.en (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.html.en Mon Mar 5 01:20:57 2012
@@ -606,6 +606,11 @@ error when connecting to my newly instal
complete the SSL handshake phase. See the next question for how to
circumvent this issue.</p>
+ <p>Note that if you have a wildcard SSL certificate, or a
+ certificate that has multple hostnames on it using subjectAltName
+ fields, you can use SSL on name-based virtual hosts without further
+ workarounds.</p>
+
<h3><a name="vhosts2" id="vhosts2">Is it possible to use Name-Based
Virtual Hosting to identify different SSL virtual hosts?</a></h3>
@@ -620,6 +625,11 @@ Virtual Hosting to identify different SS
feature that only the most recent revisions of the SSL
specification added, called Server Name Indication (SNI).</p>
+ <p>Note that if you have a wildcard SSL certificate, or a
+ certificate that has multple hostnames on it using subjectAltName
+ fields, you can use SSL on name-based virtual hosts without further
+ workarounds.</p>
+
<p>The reason is that the SSL protocol is a separate layer which
encapsulates the HTTP protocol. So the SSL session is a separate
transaction, that takes place before the HTTP session has begun.
Modified: httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.xml?rev=1296922&r1=1296921&r2=1296922&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/ssl/ssl_faq.xml Mon Mar 5 01:20:57 2012
@@ -607,6 +607,11 @@ error when connecting to my newly instal
handshake is finished, but the information is needed in order to
complete the SSL handshake phase. See the next question for how to
circumvent this issue.</p>
+
+ <p>Note that if you have a wildcard SSL certificate, or a
+ certificate that has multple hostnames on it using subjectAltName
+ fields, you can use SSL on name-based virtual hosts without further
+ workarounds.</p>
</section>
<section id="vhosts2"><title>Is it possible to use Name-Based
@@ -622,6 +627,11 @@ Virtual Hosting to identify different SS
feature that only the most recent revisions of the SSL
specification added, called Server Name Indication (SNI).</p>
+ <p>Note that if you have a wildcard SSL certificate, or a
+ certificate that has multple hostnames on it using subjectAltName
+ fields, you can use SSL on name-based virtual hosts without further
+ workarounds.</p>
+
<p>The reason is that the SSL protocol is a separate layer which
encapsulates the HTTP protocol. So the SSL session is a separate
transaction, that takes place before the HTTP session has begun.