On Thu, 27 Feb 2003, Nick Tonkin wrote: > On Thu, 27 Feb 2003, R. DuFresne wrote: > > > > > You gave this site it's own IP address yes? > > No. It is using NameVirtualHost. > > > > > Virtual hosting with non-ssl works in a 'software' aware mode, while > > virtual hosting with ssl is more 'hardware' in nature requireing specifici > > IP addressing to function properly. > > > Hmm. I must have missed this in the docos. Rechecking ... > > Hm. Well, I see that I was on the wrong track with "How can I authenticate > my clients for a particular URL based on certificates but still allow > arbitrary clients to access the remaining parts of the server?" ... that > appears on closer inspection to deal with certificate-wielding clients ... > > Hm. > > So, bottom line, it is not possible to have a virtual host accessible via > http and require SSL for a part of it. Is that correct?
It's somewhat dependant upon what you are serving up. If there are like perhaps two ends of the virtual host<s>, say, http://www.someplace.com and https://someplace.com under the same IP address space, then you will work okay. If you are virtual hosting more then this, then you need seperate IP addresses for at least each and every SSL vh, and if there's a no0n-ssl end, that vh would need to most likely match the IP addressing setup of the ssl side. I'm sure others will correct or enhance what I'm prolly splaining poorly here. thanks, Ron DuFresne > > Thanks, > > - nick > > -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ admin & senior security consultant: sysinfo.com http://sysinfo.com "Cutting the space budget really restores my faith in humanity. It eliminates dreams, goals, and ideals and lets us get straight to the business of hate, debauchery, and self-annihilation." -- Johnny Hart testing, only testing, and damn good at it too! ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
