httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Patryk Szczygłowski" <>
Subject Re: Name based virtual host ssl clever solution
Date Sun, 23 Nov 2008 12:47:17 GMT
On Sat, Nov 15, 2008 at 03:21, Jeff Sadowski <> wrote:
> I think I just came up with a clever solution. However web browsers
> will have to support srv records
> the problem with virtual hosts is that you can have only one ssl
> certificate per port (443)
> because ssl requires it encrypted before it sends any other information.
> A solution is to run a different key on different ports thus it could
> distinguish via port what key to encrypt with
> by default a web browser goes to port 443 for https
> Now if a web browser followed the rules of svr records you could tell
> the web browser to go to a different port using srv records
> SRV 443
> SRV 444
> then again if the web browser follows SRV records it should
> automatically go to the right port for ssl and you can have an ssl
> connection to a virtual host each host with its own certificate.

Yes, idea is good...

I've found several Internet Drafts about this topic, but none of them
got released as RFC so far:

I'm not sure if any browser available currently support this, but I
suppose none. Maybe if it became RFC, you might get Mozilla folks
interested with this :)

Patryk Szczygłowski
P. J. O'Rourke  - "Never wear anything that panics the cat."
View raw message