httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lee fellows <lfell...@4lane.com>
Subject Re: [users@httpd] More certificates for 1 server
Date Wed, 13 Aug 2003 17:12:46 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wednesday 13 August 2003 03:50, Louis Wevers wrote:
> Ah, thanks for the advise. Unfortunately using different ports is not an
> option in this case. If it's not possible using the same port /
> IP-address, I'm afraid I'll just have to get me some more IP-adresses.
> It would be nice if  a feature like this would be implemented in the
> future.
>
> Louis

  Ah, its not a 'feature' that can be added.  The 'problem' has to do with
  where/how ssl and http work in an ssl connection.  In an ssl connection,
  all traffic is encrypted between the endpoints (ip/port pairs).  The http
  headers (which apache uses to determine which host to give the query
  to in a namedvirturalhost configuration) are encrypted inside the ssl
  connection and are unavailble to apache until after the ssl connection
  has been accepted. But in order to accept the connection, apache has to
  use the correct ssl key, which is normally different for each ssl-enabled
  host.  Kind of a chicken-or-egg problem.

  To host multiple ssl-enabled hosts on one server, you must use either
  seperate ports on the same ip address, or multiple addresses.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)

iD8DBQE/OnGS+ShVRkQlJBIRApmxAKDBBrsCr21KccaabVOu2ubVD/5r6QCgged+
7F8pj4uGc8hBNk99h9ykQUo=
=iBXz
-----END PGP SIGNATURE-----


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message