httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Chris Meadors <clubn...@hereintown.net>
Subject Re: [users@httpd] Beginner How-To
Date Thu, 05 Dec 2002 14:22:48 GMT
De Leeuw Guy wrote:
> Hi,
> 
> What is the reason why ssl require 1 IP by domain ?

Have you ever telneted to your server to test a virtual domain?

It goes something like this:

$telnet server 80
GET / HTTP/1.1
Host: virtual.host.name
Close
^M^M

See that "Host:" line.  That is what allows Apache to know which name 
based virtual host you are trying to talk to.

All the header stuff gets encrypted in an HTTPS session.  But even 
before it gets to that point, it needs to offer the right certificate to 
the client.  How does the server know which cert to send without the 
header, and how does it get the header without sending a cert?

It needs something lower then HTTP to figure out what certificate to 
send when it comes to that point.  Apache can also do IP and port based 
virtual hosts.  So those are your options.  If you don't want to build 
URLs that include nonstandard ports, such as  https://server:4443/. 
You'll have to use different IPs.

As was said, you can run 1 SSL virtual host, because it will be the only 
one listening on 443.

-- 
Chris


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message