Re: certificate

[Alan Mead <adm ipat com>]

The way it was explained to me is that the name of the site gets decrypted 
too late for name-based redirection.  Now you can have multiple name-based 
virtual hosts and a single SSL virtual host but it's cheating to say that 
it's name-based because it actually monitors all connections on port 443 
(regardless of name).

So the only way to have multiple virtual SSL hosts is to have each one 
listen to a different port or IP.

I second Charles...  if I'm wrong, I'd love to be corrected.  I never tried 
multiple name-based myself.

-Alan

At 07:54 PM 2/20/00 , you wrote:
> I am no expert, but here was my experience when I tried this.
>
> I setup 2 name based virtual doamins, each having their own cert.
>
> If I went to siteA first, it's cert would get read. If I then went to
> siteB, it just used siteA's cert.
>
> If I went to siteB first, it's cert would get read. If I then went to
> siteA, it just used siteB's cert.
>
> I'd love to know how you got this to work, if it does indeed work for you.
>
> charles
>
> On Sun, 20 Feb 2000, Gordon Messmer wrote:
>
> > Igmar Palsenberg wrote:
> > > None. You can't user SSL virt named based virtual hosting. You'll have to
> > > have a IP for each https site you run.
> >
> > Maybe I'm late on this one, but can you explain why that is?  I'm
> > running several secure sites on a single IP using apache-ssl on a test
> > box, and I don't see any problems with doing so.
> >
> > What product has this limitation?  Why would it be limited so?
> >
> > MSG
>
>
> --
> To unsubscribe: mail redhat-list-request redhat com with "unsubscribe"
> as the Subject.

---
Alan D. Mead  /  Research Scientist  /  adm ipat com
Institute for Personality and Ability Testing
1801 Woodfield Dr  /  Savoy IL 61874 USA
217-352-4739 (v)  /  217-352-9674 (f)