> this might be a dumb question, but here it goes :-) I'm testing
> IP-based vhosts on a FreeBSD 3.3 machine. Now I've read the FAQ and
> looked on the sites of various CA's but this isn't covered AFAIK.
> When I want to support https on vhosts, I need a server.crt and a
> server.key for each vhost? Are there other options?
What a lot of hosting companies do is set up a single secure domain on
each server, which all of their clients can use to for secure
communication. Typically, the domain looks something like this:
servername.secure-server.com. And when clients want to invoke https, the
URL will usually look like the following (for example the client domain is
foobar.com):
https://servername.secure-server.com/foobar/
The preceding example would call the html root directory for foobar.com,
and subfolders could of course be appended to the URL above.
Of course this is not the most attractive URL from a clients standpoint,
but you can always let your clients buy their own domain certificate and
charge them a setup fee to generate the key and CSR and install the cert.
For some odd reason I made the assumption that you are setting up a web
hosting service, yet you never made any indication that you were doing
such in the message above. Oops... I apologize if this information is
not relevent to your needs.
Dave
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
