Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Date: Tue, 16 Mar 2004 09:32:03 +0100
Message-ID: 
 <FAB6A3A2CC5BDB448DADFA1C8C0752965F7480@SOMEXEVS001.ex.ordersx.org>
Thread-Topic: [users@httpd] Multiple Secure sites
Importance: normal
Priority: normal
Thread-Index: AcQK2VWGiexgzbxfSY+Ia3gQXp5viwAVrAmg
From: "Boyle Owen" <Owen.Boyle@swx.com>
To: <users@httpd.apache.org>
Subject: RE: [users@httpd] Multiple Secure sites

> -----Original Message-----
> From: Nick [mailto:nick@finiteautomata.com]
>=20
> If I wanted to have multiple SSL sites on one server, do I=20
> have to bind multiple IP's to that machine?  So I would need=20
> one IP per SSL site?

Yes (assuming you want them all on port 443).

>  Is there any other way around this?

No (unless you're willing to have the port numbers in the URL).

The essential point is that the different SSL sites have to be distinct
at the TCP/IP layer (ie, the must have different IP:port combinations).
So you can have 192.168.1.1:443 and 192.168.1.1:444 (port-based) or you
can have 192.168.1.1:443 and 192.168.1.2:443 (ip-based). You can't
distinguish them using the "Host" header (name-based) since that is not
a TCP/IP attribute. The "Host" is only available at the HTTP layer - and
that's encrypted.

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored.=20

Diese E-mail ist eine private und pers=F6nliche Kommunikation. Sie hat
keinen Bezug zur B=F6rsen- bzw. Gesch=E4ftst=E4tigkeit der SWX Gruppe. =
This
e-mail is of a private and personal nature. It is not related to the
exchange or business activities of the SWX Group. Le pr=E9sent e-mail =
est
un message priv=E9 et personnel, sans rapport avec l'activit=E9 =
boursi=E8re du
Groupe SWX.


>=20
> Thanks,
> Nick
>=20
>=20
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP=20
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>=20
>

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company.=20


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org