httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Preston Podaril <p...@ispi.net>
Subject Re: [users@httpd] separate certificate per virtual host
Date Thu, 03 Feb 2005 16:34:03 GMT
yes, we implement this exactly.  You have to use ipbase virtual hosting 
with SSL.  It is not possible to use SSL with name based virtual hosts.

Nelson, Robert D. wrote:
> Yassen:
> 
> 
>>Hi all (my first post to this list):
> 
> 
> Welcome. :)
> 
> 
>>I could not find any help so far for resolving the following problem:
>>
>>apache 2.0.52 w/ dynamic virtual hosts (we host a lot of
>>domains, so dynamic virtual hosting is a great relief -- I
>>cannot part with it!)
>>
>>Need to present a host-specific SSL certificate for each
>>virtual host, so the host name in the certificate matches the
>>virtual host name. How to configure apache to handle this case?
> 
> 
> The SSL handshake happens before any HTTP headers are sent, which is why you
> MUST use IP-based virtual hosting with SSL. This way, Apache knows what
> virtual host to serve up by the IP of the request without knowing the 'host'
> line in the headers.
> 
> You can read up on IP-based virtual hosting here:
> 
>  http://httpd.apache.org/docs-2.0/vhosts/ip-based.html
> 
> 
>>Any help or a pointer to a good reading will be appreciated!
>>Thanks in advance!
> 
> 
> I've never used dynamic virtual hosts with SSL before, but I'd think it's
> possible as long as you stick to separate IPs for each virtual host. Maybe
> you can glean some info from this:
> 
>  http://httpd.apache.org/docs-2.0/vhosts/mass.html#ipbased
> 
> I'd think someone in this group has tried this before. Anyone?
> 
>  ~ Robert
> 
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message