You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by stupidmail4me <st...@yahoo.com> on 2004/10/12 04:03:36 UTC

[users@httpd] SSL and name based virtual hosts

I know it's not possible to host more then one ssl
site using name based virtual hosting. I understand
why also, the whole catch-22 thing.

How do people work around this? I only have one IP,
and I know some people simply use alternate port
numbers. Is this the only way to get around this? Have
one site be https://www.site1.com:1, and another be
https://www.site2.com:2, etc.?

Thanks.

-James
stupidmail4me@yah--takethispartout--oo.com


		
__________________________________
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
http://promotions.yahoo.com/new_mail 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

[users@httpd] Re: SSL and name based virtual hosts

Posted by FloSoft <Fl...@gmx.de>.

-----BEGIN PGP SIGNED MESSAGE-----

I have also only one cert, and my secure sites are only accessable by

https://ssl.mydomain.tld/host1.mydomain.tld/
https://ssl.mydomain.tld/host2.mydomain.tld/
https://ssl.mydomain.tld/anotherdomain.tld/

and so on, that works fine

(ProxyPathReverse for host1.mydomain.tld/ ->
http://host1.mydomain.tld, the other "hosts" are on the same server
so the proxy-transfer is secure)

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQCVAwUBQWwv7ca99vJRRkghAQG1YQP/UQgFbViIFwUK/s2sPsCRvjziMFvCEdXV
hH6sbMgB0KW2Ku9onOGCXbc77xClJ9VwV8hgtmPoULPorG7IgOPUBBIW13wsicMr
HwMWDXYF1pn/Ip2Dfni2V4YBLj8sqU8hPnm+Z9Q3po7TJOXCmcUe1CrsbJF9vJ5I
nQxKd5QPyKA=
=eQTV
-----END PGP SIGNATURE-----




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] SSL and name based virtual hosts

Posted by Robert Andersson <ro...@profundis.nu>.

Herb Stein wrote:
> This is probably not what you're after, but...
>
> [snip]
>
> I bury their SSL site behind my company SSL site. So
> www.yourcompany.com is a normal NBVH. The SSL page will be
> www.herbstein.com/yourcompany.com

Another variant on that is to get a wild card cert for *.domain.tld, and 
have:
https://site1.domain.tld/
https://site2.domain.tld/

However, you loose the authentication part of SSL (the visitor can trust the 
site) and only get the encryption.

Regards,
Robert Andersson 


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] SSL and name based virtual hosts

Posted by Herb Stein <he...@herbstein.com>.

This is probably not what you're after, but...

> -----Original Message-----
> From: stupidmail4me [mailto:stupidmail4me@yahoo.com]
> Sent: Monday, October 11, 2004 9:04 PM
> To: users@httpd.apache.org
> Subject: [users@httpd] SSL and name based virtual hosts
>
>
> I know it's not possible to host more then one ssl
> site using name based virtual hosting. I understand
> why also, the whole catch-22 thing.
>
> How do people work around this? I only have one IP,
> and I know some people simply use alternate port
> numbers. Is this the only way to get around this? Have
> one site be https://www.site1.com:1, and another be
> https://www.site2.com:2, etc.?

I bury their SSL site behind my company SSL site. So
www.yourcompany.com is a normal NBVH. The SSL page will be
www.herbstein.com/yourcompany.com
This also saves the folks the $125 or whatever for the SSL
certificate. No one, so far, has wanted to spend the money
for me to blow off another IP address.

Just an idea.

> Thanks.
>
> -James
> stupidmail4me@yah--takethispartout--oo.com
>
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Mail Address AutoComplete - You start. We finish.
> http://promotions.yahoo.com/new_mail
>
--
Herb Stein
herb@herbstein.com
314 952-4601
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.772 / Virus Database: 519 - Release Date: 10/1/2004



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org