Return-Path: Delivered-To: apmail-httpd-users-archive@www.apache.org Received: (qmail 94415 invoked from network); 19 Oct 2007 15:26:40 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 19 Oct 2007 15:26:40 -0000 Received: (qmail 52589 invoked by uid 500); 19 Oct 2007 15:26:18 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 51895 invoked by uid 500); 19 Oct 2007 15:26:16 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 51884 invoked by uid 99); 19 Oct 2007 15:26:16 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Oct 2007 08:26:16 -0700 X-ASF-Spam-Status: No, hits=2.0 required=10.0 tests=HTML_MESSAGE,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of md2600@gmail.com designates 64.233.166.183 as permitted sender) Received: from [64.233.166.183] (HELO py-out-1112.google.com) (64.233.166.183) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 19 Oct 2007 15:26:17 +0000 Received: by py-out-1112.google.com with SMTP id u52so1220109pyb for ; Fri, 19 Oct 2007 08:25:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; bh=XQV7cV524XXKWWtlksXJbdy0QBm2n5x2wCODbCohifc=; b=omuTvgNVqKRMzl015nopc0CYCcUYL7amg73kCF+4jjYZjXgmgvigm+Y3a6vnsmFKGpqEbMhtPsKdZEyQAKila+QJofyhnJTJuVXZunGSWNLjpNw4GgkXFw6qIZ+tiJTFCZBM1Uqx0xDYLcIp6IS649bpnP+qyilhS4Z2esqqHg4= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:references; b=pyhq3IdCU01BS0c/0d3QYKTloy8YOeQ0K29thr8tbXudBiukbdTVqHn9DD5QFKS0AZooQt7QYHGIdpZcGMaxlnAi79r98/l59uzKmoD7HyszJP7EYwSvzhgSwHmrfyXV5Hl41VAGqm9eaKE1E5d8E/buRDRRcYtqUzR1yXdaJEc= Received: by 10.65.23.7 with SMTP id a7mr3656510qbj.1192807554727; Fri, 19 Oct 2007 08:25:54 -0700 (PDT) Received: by 10.64.53.8 with HTTP; Fri, 19 Oct 2007 08:25:54 -0700 (PDT) Message-ID: Date: Fri, 19 Oct 2007 11:25:54 -0400 From: "Mark Drummond" To: users@httpd.apache.org In-Reply-To: <469821.57467.qm@web63010.mail.re1.yahoo.com> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_Part_6686_16318819.1192807554728" References: <469821.57467.qm@web63010.mail.re1.yahoo.com> X-Virus-Checked: Checked by ClamAV on apache.org Subject: Re: [users@httpd] RE: [SPAM] - [users@httpd] application.company.com vs. www.company.com/application? - Email found in subject ------=_Part_6686_16318819.1192807554728 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline We're a relatively small shop. We have some Cisco content switches, and the intent *is* to load balance across two physical boxes, but the SSL will be handled by the web servers themselves. Can I use the same cert on both machines? On 19/10/2007, Peter Milanese wrote: > > If you have the cash, front end it with some SSL Terminating load > balancers. > > ----- Original Message ---- > From: "jmacaranas@fxdd.com" > To: users@httpd.apache.org > Sent: Friday, October 19, 2007 11:16:47 AM > Subject: [users@httpd] RE: [SPAM] - [users@httpd] application.company.comvs. > www.company.com/application? - Email found in subject > > Unless you are using the load balancer ( hardware or software ) or a load > balancing scheme it shouldn't matter. > > > > *From:* Mark Drummond [mailto:md2600@gmail.com] > *Sent:* Friday, October 19, 2007 11:09 AM > *To:* users@httpd.apache.org > *Subject:* [SPAM] - [users@httpd] application.company.com vs. > www.company.com/application? - Email found in subject > > > > Hi all, > > I have Apache sitting in front of some WebSphere app servers. So far, we > have always used virtual hosts in Apache to give each application it's own > FQDN. So we have app1.foo.com , app2.foo.com etc. This is leading to a > (small) proliferation of FQDNs, and now I am wondering if it is better to > have a single FQDN and use URIs to separate the applications. In other > words, going to www.foo.com/app1, www.foo.com/app2. So now I am trying to > figure out the pros and cons, and looking for some input on how others are > doing this. > > The way I see it, separate FQDNs for every application require more > administration. Because we are doing SSL everywhere I have to use IP based > virtual hosts so I'm creating new interfaces and allocating new IP addresses > for every new application. And then every app requires it's own certificate. > On the other hand, the increased separation between applications (separate > virtual hosts) looks good on paper, and does give me configuration > flexibility, separate log files etc. > > Moving to www.foo.com/app# means I only ever need > one certificate. Adding a new app is as easy as creating a new directory > under htdocs. I end up with just one log file, but that is OK since awstats > can filter for us. > > Any input is appreciated. > > Thanks, > Mark > > -- > Georgia: Why am I not doing what they're doing? > Rube: Because you're doing what you're doing. When it's time for you to do > something else you'll do that. > > > ----------------------------------------------------------------------------- > This message and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom it is > addressed. It may contain sensitive and private proprietary or legally > privileged information. No confidentiality or privilege is waived or > lost by any mistransmission. If you are not the intended recipient, > please immediately delete it and all copies of it from your system, > destroy any hard copies of it and notify the sender. You must not, > directly or indirectly, use, disclose, distribute, print, or copy any > part of this message if you are not the intended recipient. > FXDirectDealer, LLC reserves the right to monitor all e-mail > communications through its networks. Any views expressed in this > message are those of the individual sender, except where the > message states otherwise and the sender is authorized to state them. > > Unless otherwise stated, any pricing information given in this message > is indicative only, is subject to change and does not constitute an > offer to deal at any price quoted. Any reference to the terms of > executed transactions should be treated as preliminary only and subject > to our formal confirmation. FXDirectDealer, LLC is not responsible for any > recommendation, solicitation, offer or agreement or any information > about any transaction, customer account or account activity contained in > this communication. > > > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > -- Georgia: Why am I not doing what they're doing? Rube: Because you're doing what you're doing. When it's time for you to do something else you'll do that. ------=_Part_6686_16318819.1192807554728 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline We're a relatively small shop. We have some Cisco content switches, and the intent *is* to load balance across two physical boxes, but the SSL will be handled by the web servers themselves.

Can I use the same cert on both machines?

On 19/10/2007, Peter Milanese <milanesefamille@yahoo.com> wrote:
If you have the cash, front end it with some SSL Terminating load balancers.

----- Original Message ----
From: " jmacaranas@fxdd.com" <jmacaranas@fxdd.com>
To: users@httpd.apache.org
Sent: Friday, October 19, 2007 11:16:47 AM
Subject: [users@httpd] RE: [SPAM] - [users@httpd] application.company.com vs. www.company.com/application? - Email found in subject

Unless you are using the load balancer ( hardware or software ) or a load balancing scheme it shouldn't matter. 

 

From: Mark Drummond [mailto:md2600@gmail.com]
Sent: Friday, October 19, 2007 11:09 AM
To: users@httpd.apache.org
Subject: [SPAM] - [users@httpd] application.company.com vs. www.company.com/application? - Email found in subject

 

Hi all,

I have Apache sitting in front of some WebSphere app servers. So far, we have always used virtual hosts in Apache to give each application it's own FQDN. So we have app1.foo.com , app2.foo.com etc. This is leading to a (small) proliferation of FQDNs, and now I am wondering if it is better to have a single FQDN and use URIs to separate the applications. In other words, going to www.foo.com/app1, www.foo.com/app2. So now I am trying to figure out the pros and cons, and looking for some input on how others are doing this.

The way I see it, separate FQDNs for every application require more administration. Because we are doing SSL everywhere I have to use IP based virtual hosts so I'm creating new interfaces and allocating new IP addresses for every new application. And then every app requires it's own certificate. On the other hand, the increased separation between applications (separate virtual hosts) looks good on paper, and does give me configuration flexibility, separate log files etc.

Moving to www.foo.com/app# means I only ever need one certificate. Adding a new app is as easy as creating a new directory under htdocs. I end up with just one log file, but that is OK since awstats can filter for us.

Any input is appreciated.

Thanks,
Mark

--
Georgia: Why am I not doing what they're doing?
Rube: Because you're doing what you're doing. When it's time for you to do something else you'll do that.

-----------------------------------------------------------------------------
This message and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom it is
addressed. It may contain sensitive and private proprietary or legally
privileged information. No confidentiality or privilege is waived or
lost by any mistransmission. If you are not the intended recipient,
please immediately delete it and all copies of it from your system,
destroy any hard copies of it and notify the sender. You must not,
directly or indirectly, use, disclose, distribute, print, or copy any
part of this message if you are not the intended recipient.
FXDirectDealer, LLC reserves the right to monitor all e-mail
communications through its networks. Any views expressed in this
message are those of the individual sender, except where the
message states otherwise and the sender is authorized to state them.

Unless otherwise stated, any pricing information given in this message
is indicative only, is subject to change and does not constitute an
offer to deal at any price quoted. Any reference to the terms of
executed transactions should be treated as preliminary only and subject
to our formal confirmation. FXDirectDealer, LLC is not responsible for any
recommendation, solicitation, offer or agreement or any information
about any transaction, customer account or account activity contained in
this communication.



__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com



--
Georgia: Why am I not doing what they're doing?
Rube: Because you're doing what you're doing. When it's time for you to do something else you'll do that. ------=_Part_6686_16318819.1192807554728--