[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] [RaQ550] SSL only available for 1 site?

Subject: Re: [cobalt-users] [RaQ550] SSL only available for 1 site?
From: Alex Krohn <alex@xxxxxxxxxxxxxxxxxxxx>
Date: Thu Sep 12 11:45:57 2002
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Hi,

> > SSL Is a brat ... when you register with whomever, you need to specify an IP
> > address.
> 
> AFAIK you don't speify an ip to register with a cert provider, they only
> go by the FQDN. Because you can move the cert (domain) to different ip
> addresses, as long as the FQDN is the same.
> 
> It must be mod_ssl or apache that restricts it to 1 ip address

No, it's the HTTPS protocol itself which prevents using Name Based domains.
The full headers of the request are encrypted via SSL, so Apache can not look
at the Host: header to figure out what domain this request is for in order to
decrypt it. The only way Apache can know which domain it's for is via the IP
address.

Cheers,

Alex
--
Alex Krohn <alex@xxxxxxxxxxxxxxxxxxxx>
http://gossamer-threads.com/cobalt/

Follow-Ups:
- Re: [cobalt-users] [RaQ550] SSL only available for 1 site?
  - From: Gerald Waugh

References:
- RE: [cobalt-users] [RaQ550] SSL only available for 1 site?
  - From: BSmith
- RE: [cobalt-users] [RaQ550] SSL only available for 1 site?
  - From: Gerald Waugh

Prev by Date: [cobalt-users] Re: [RaQ550] SSL only available for 1 site?
Next by Date: Re: [cobalt-users] Re: Unsubscribe? HOw to
Previous by thread: Re: [cobalt-users] Re: [RaQ550] SSL only available for 1 site?
Next by thread: Re: [cobalt-users] [RaQ550] SSL only available for 1 site?

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index