httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jeff Sadowski" <jeff.sadow...@gmail.com>
Subject Name based virtual host ssl clever solution
Date Sat, 15 Nov 2008 02:21:30 GMT
I think I just came up with a clever solution. However web browsers
will have to support srv records
the problem with virtual hosts is that you can have only one ssl
certificate per port (443)
because ssl requires it encrypted before it sends any other information.
A solution is to run a different key on different ports thus it could
distinguish via port what key to encrypt with
https://onedomain.com:443
https://twodomain.com:444

by default a web browser goes to port 443 for https
Now if a web browser followed the rules of svr records you could tell
the web browser to go to a different port using srv records

_https._tcp.onedomain.com SRV 443
_https._tcp.twodomain.com SRV 444

then again if the web browser follows SRV records it should
automatically go to the right port for ssl and you can have an ssl
connection to a virtual host each host with its own certificate.

Mime
View raw message