>
> Could anyone please explain what is namebased and what is IP based? What
> are the differences and how they work for SSL connections handling?
> Can I use the following declaration for Virtual Host declaration with
> modSSL? I am having problems with IE Browsers ONLY while connecting from
> dial-up connections. I want to know whether this is any reason for that.!
I can't help much with the MSIE problem, but here's name-based vs. IP based:
IP-based is where each VHost has it's own IP address, name-based is where
many VHosts share a single IP address. HTTP/1.0 only supported IP based,
due to the connection protocol:
% telnet one.fish.com 80
Connected to 1.2.3.4
GET /index.html HTTP/1.0
<server responds with /index.html for one.fish.com>
% telnet two.fish.com 80 # (assume one.fish and two.fish not same IP)
Connected to 1.2.3.5
GET /index.html HTTP/1.0
<server responds with /index.html for two.fish.com>
With HTTP/1.1, a new request header (Host) was added, which is always
transmitted from browser to server, and which *may* be interpreted by
the server (it *is*, if name-based hosting is used, and not if not).
% telnet one.fish.com 80
Connected to 1.2.3.4
GET /index.html HTTP/1.1
Host: one.fish.com
<server responds with /index.html for one.fish.com>
% telnet two.fish.com 80 # (assume one.fish and two.fish *same* IP)
Connected to 1.2.3.4
GET /index.html HTTP/1.1
Host: two.fish.com
<server responds with /index.html for two.fish.com>
With SSL, the connection is established *first* based on IP address, and once
the connection is made, the HTTP/1.x communication occurs. You can't use
name-based VHosting and SSL, because the connection is made to an IP address,
the SSL communication is made based on the sertificate associated with the
host-name associated with that address - and you can't "switch" names once
the communication has started.
-Dan
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]