Joseph Mack NA3T wrote: > On Thu, 25 Oct 2007, Joseph Mack NA3T wrote: > >> wonderful. People fall all over https on lvs and Graeme has >> been rescuing everyone. > > I don't suppose you know if you can run two https sites with > the same IP (like you can for http)?
It is possible to create a service certificate with a wildcard in the CN string. We've got a few of these at Fermi. I think this would enable the ability to get around the catch-22 of having to read the http request header before the ssl handshake is completed - the handshake is still completed before reading the header, but since you've got a wildcard in the CN, it should succeed, then the server can read the header and redirect appropriately. So, yes, I think it can be done for a special use case where the servers have the similar enough hostnames that a suitable certificate can be generated. I'll ask around to see if anyone here is doing that. Cheers, Dan -- Dan Yocum Fermilab 630.840.6509 [EMAIL PROTECTED], http://fermigrid.fnal.gov Fermilab. Just zeros and ones. _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
