httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark McCulligh" <mmccu...@visualtech.ca>
Subject Re: [users@httpd] Multiple SSL
Date Sun, 08 Feb 2004 17:12:10 GMT
Form my understanding no.  I have 3 IP address on my this server. One has
about 30 name based sites.  The other 2 IPs have a IP based site each plus
SSL on the site too.

In short every site you want SSL on you have to give it its own IP address.
Then any site that doesn't need SSL you can group them all under one IP
address that does nothing but name based hosting. But you can't mix them.
The IP address that is running all your name based site can't have any SSL.

This is just my understanding of it.

Mark.

----- Original Message -----
From: "Dan Lambert" <danlambert@bellsouth.net>
To: <users@httpd.apache.org>
Sent: Sunday, February 08, 2004 12:02 PM
Subject: RE: [users@httpd] Multiple SSL


> Is there any problem with having one SSL domain on the same server as
> non-SSL domains using vhosting?
>
> Dan Lambert
> Certifiable Linux Know-Nothing.
>
> > -----Original Message-----
> > From: Brian Dessent [mailto:brian@dessent.net]
> > Sent: Sunday, February 08, 2004 11:51 AM
> > To: users@httpd.apache.org
> > Subject: Re: [users@httpd] Multiple SSL
> >
> >
> > Mark McCulligh wrote:
> > >
> > > Hi Group,
> > >
> > > I am tryng to set two SSL on my server through VirtualHost. Do
> > you have to
> > > comment out the <VirtualHost _default_:443> Right now I get the
> > default SSL
> > > when I try to use https://www.visualtech.ca
> > >
> > > My one VirtualHost setup looks like this:
> >
> > If you're trying to have two SSL vhosts on the same IP:port combination,
> > then stop right there.  Name-based vhosting with SSL is not possible --
> > each SSL vhost must be on its own port or IP address, or combination of
> > the two.  The reason for this is that SSL must negotiate keys and
> > exchange certificates before any HTTP headers or requests have been
> > sent, but in the case of name-based vhosting Apache does not know which
> > virtual host its dealing with until the "Host:" header has been sent.
> > So this is a fundamental limitation of how the two protocols interact,
> > and it's not specific to Apache or any other webserver or SSL
> > implementation.  See also:
> > <http://www.modssl.org/docs/2.8/ssl_faq.html#vhosts>
> >
> > Brian
> >
> > ---------------------------------------------------------------------
> > The official User-To-User support forum of the Apache HTTP Server
Project.
> > See <URL:http://httpd.apache.org/userslist.html> for more info.
> > To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> >    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> > For additional commands, e-mail: users-help@httpd.apache.org
> >
>
>
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message