Hi everyone, Firstly, this is a topic which may have been endlessly covered before, in which case I apologise and will go down in flames...
But having referred to the 2.0 docs (well, more like the FAQ) at http://httpd.apache.org/docs/2.0/ssl/ssl_faq.html#vhosts2 I had a thought about the viability of using SSL with multiple name-based virtual hosts (on one IP address). The docs at the URL given above effectively say that hosting more than one SSL-enabled site using name-based virtual hosting is impossible, as it is only after the SSL envelope has been decrypted that the server can determine the "host" value and match this with the ServerName or ServerAlias. My question is why the server couldn't do some sort of reverse-lookup on its register of SSL certificates that are in use. Surely the server knows which certificate it is using to service the request (or else it wouldn't be able to decrypt its contents) and hence work out which virtual host uses that certificate? This approach means of course that each name-based virtual host would have to use a different certificate - but as those sites are more than likely on different domains the certificates would necessarily be different. Cheers guys, Great server. Mike
