[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: [RaQ550] SSL only available for 1 site?

Subject: [cobalt-users] Re: [RaQ550] SSL only available for 1 site?
From: Chris Adams <cmadams@xxxxxxxxxx>
Date: Thu Sep 12 11:37:02 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Once upon a time, Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx> said:
> AFAIK you don't speify an ip to register with a cert provider, they only
> go by the FQDN. Because you can move the cert (domain) to different ip
> addresses, as long as the FQDN is the same.

That is true.  The certificate is tied to the fully qualified domain
name.

> It must be mod_ssl or apache that restricts it to 1 ip address

No, that is wrong.  The SSL protocol restricts you to one SSL server per
IP address.  The "Host:" header (used for distinguishing different hosts
on a single IP) is not sent until after SSL negotiation, so the server
can only have one certificate associated with a particular IP address.

Doesn't anyone read the archives?  This comes up on a regular basis.
-- 
Chris Adams <cmadams@xxxxxxxxxx>
Systems and Network Administrator - HiWAAY Internet Services
I don't speak for anybody but myself - that's enough trouble.

Follow-Ups:
- Re: [cobalt-users] Re: [RaQ550] SSL only available for 1 site?
  - From: Gerald Waugh

References:
- RE: [cobalt-users] [RaQ550] SSL only available for 1 site?
  - From: BSmith
- RE: [cobalt-users] [RaQ550] SSL only available for 1 site?
  - From: Gerald Waugh

Prev by Date: Re: [cobalt-users] Tomcat Again
Next by Date: Re: [cobalt-users] [RaQ550] SSL only available for 1 site?
Previous by thread: RE: [cobalt-users] [RaQ550] SSL only available for 1 site?
Next by thread: Re: [cobalt-users] Re: [RaQ550] SSL only available for 1 site?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index