
Re: [cobalt-users] HELP! RaQ3 Problems



On Tue, Jan 18, 2000 at 01:23:49PM -0600, Chris Adams wrote:
> Once upon a time, Liz B. <daldog@xxxxxxxx> said:
> > 1) I'm utilizing the name-based IPs features for virtual
> > sites, but I need to be able to allow my virtual sites to
> > use my current SSL certificate.  How can I get this to work
> > without having to assign each virtual site their own IP
> > address?   Doing otherwise would be a big waste of IPs, plus
> 
> You can't.  It is because of the SSL protocol.  _All_ communication is
> encrypted, and since you only know which IP the client is connecting to,
> that is all you can use when you select the SSL certificate (encryption
> keys) to use.

Not exactly...The digital certificates record the common name of the
site -- or FQDN -- they do not record the IP address of a site.

What this means is that even if you point two FQDN hostnames to a
single IP -- only one will work since it's what is stored in the
certificate -- UNLESS -- you register a different certificate for
each name.

If you want to share your certificate -- the easiest way is to create
some symbolic links under the home dir of your secure site to the
users' web site areas...this way they will be able to access it
via https://www.yourdomain.com/<theirdomain>/foo.html