httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dale Ghent <da...@elemental.org>
Subject Re: SSL + name based virtual hosting
Date Fri, 17 Dec 2004 06:12:20 GMT
On Dec 16, 2004, at 11:27 PM, Enrico Weigelt wrote:

>
> Hi folks,
>
>
> is name based virtual hosting ig. generally possible with SSL/https ?

No

As you know, name-based virtual hosting requires that the client supply 
the desired site's hostname in the Host: header of the HTTP request. 
With SSL, this HTTP request is already encrypted. The server will need 
to have a way to figure out what SSL key to use to decrypt that HTTP 
request, but can't do it unless it knows what host/site address the 
request is for so it can use the correct key... so, this is why SSL 
sites require their own IP address. The IP address is how the server 
knows what site that encrypted request is for by seeing what IP address 
the request comes in on. That is not application-layer information of 
course, so it is not encrypted.

/dale


Mime
View raw message