----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Sandip Bhattacharya Sent: Friday, September 23, 2005 10:02 AM To: The Linux-Delhi mailing list Subject: Re: [ilugd] Running multiple SSL Virtual Hosts in Apache in single IP
On Friday, 23 Sep 2005 09:47, Raj Shekhar wrote: > A frequently asked question is "How can I run multiple ssl sites on a > single IP". The answer is "no, you cannot". However, you can. You > will get the warning message that the SSL certificate does not match the > web site you wanted to view. See here for details > http://www.onlamp.com/lpt/a/5629 > > This can be useful if you are running phpmyadmin/squirrelmail/wiki/cms > for your organization on the internet and you want to prevent contents > from being sniffed and you have a single IP. Since this is for your > internal use, it is OK to have the browser pop up the warning box. >... and since you are ok with the warning box anyway, you can use a self >signed SSL certificate. You can still create your own organization CA and >make everybody import its cert to eliminate "unrecognized CA" errors. >Save more money. ;) The SSL provides two layer of Security 1. SSL Layer for encryption A warning Message for wrong certificate *generally* indicates a. The Server you are connecting has wrong certificate installed. OR b. A man in middle Attack is in progress. Hence, the purpose of saving your self from getting sniffed will void. 2. Authentication Layer. - It won't work without verification at some level. Regarding Local CA, I am in favor of it. As long as you install the CA certificate in Your browser from authenticate means. - Sumit >>>>- Sandip -- Sandip Bhattacharya * Puroga Technologies * [EMAIL PROTECTED] Work: http://www.puroga.com * Home/Blog: http://www.sandipb.net/blog PGP/GPG Signature: 51A4 6C57 4BC6 8C82 6A65 AE78 B1A1 2280 A129 0FF3 _______________________________________________ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/ Event: Freedel 2005, 17th & 18th September, 2005 - http://freedel.in _______________________________________________ ilugd mailinglist -- ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi http://www.mail-archive.com/ilugd@lists.linux-delhi.org/ Event: Freedel 2005, 17th & 18th September, 2005 - http://freedel.in