httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Enrico Weigelt <weig...@metux.de>
Subject Re: SSL + name based virtual hosting
Date Fri, 17 Dec 2004 17:23:43 GMT
* Dale Ghent <daleg@elemental.org> wrote:

Hi,

<snip>
> With SSL, this HTTP request is already encrypted. The server will need 
> to have a way to figure out what SSL key to use to decrypt that HTTP 
> request, but can't do it unless it knows what host/site address the 
> request is for so it can use the correct key... so, this is why SSL 

hmm, is it somehow possible to work with multiple cert on the 
same socket ? does the SSL handshake leave any chance that probably
more then one cert can be tried, until someone matches ? 

if this would be possible, we could give each vhost an own cert 
(instead of wildcard certs) and let the httpd+client try out, 
which cert matches - based on the matched cert we know which 
vhost is requested ...


cu
-- 
---------------------------------------------------------------------
 Enrico Weigelt    ==   metux IT service

  phone:     +49 36207 519931         www:       http://www.metux.de/
  fax:       +49 36207 519932         email:     contact@metux.de
  cellphone: +49 174 7066481
---------------------------------------------------------------------
 -- DSL ab 0 Euro. -- statische IP -- UUCP -- Hosting -- Webshops --
---------------------------------------------------------------------

Mime
View raw message