Hi John, > If you had a wildcard certificate which worked for *.domain.com, would name > virtual hosting be possible then assuming that all your virtual hosts were > things like "secure.domain.com" and "basket.domain.com" as they are actually > all using the same wildcard certificate for the SSL handshake.
I think that it is possible as long as the each domain name of your virtual hosts has the IP address associated with the inet address. I believe that the wildcard certificate and domain names are a client side issue. The browser will check the dn in URL and certificate. I do not know whether IE still accepts this certificate or not. If there are any issues in server side, I want to know them. -Kiyoshi Kiyoshi Watanabe > If anyone could answer that, it would be great and potentially save some > messing when it comes to IP addresses. > > Cheers > > JB > > -----Original Message----- > From: Dave Paris [mailto:[EMAIL PROTECTED] > Sent: 21 August 2003 04:59 > To: [EMAIL PROTECTED] > Cc: Ian Newlands > Subject: Re: virtual hosting > > > geeze. is it that time of the month already for this question? seems > like it was just yesterday when it was asked last .. maybe I'm just > thinking of the other 100,000 times it was asked. > > in all seriousness, this dead horse has been beaten so many times on > this list there isn't even a carcass left to hit at this point. please > go dig through the mail list archives to see why name-based virtual > hosts don't work with SSL. > > yes, that's a flippant answer. no, you're not likely to get a reply > any more serious. > > -dsp > > On Wednesday, Aug 20, 2003, at 22:09 US/Eastern, Ian Newlands wrote: > > > I am currently running about 15 virtual hosts using name based on port > > 80, and 1 virtual host using SSL. > > > > My SSL host is currently working with the following: > > > > <VirtualHost _default_:443> > > > > However I want to change this to the IP based hosting for this host, > > allowing me to then add more SSL based virtual hosts on this setup, so > > I tried changing this to the following: > > > > <VirtualHost 203.xxx.xxx.xxx:443> > > > > By doing this my SSL virtual host stops working altogether. > > > > I try the following to debug it on a remote machine: > > > > # openssl s_client -connect 203.xxx.xxx.xxx:443 > > CONNECTED(00000003) > > 27604:error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown > > protocol:s23_clnt.c:475: > > > > I do the exact same thing on the local machine and it responds with a > > valid SSL response. > > > > Can anyone suggest might be wrong here? > > > > Regards, > > > > Ian Newlands > > > > _________________________________________________________________ > > Hotmail is now available on Australian mobile phones. Go to > > http://ninemsn.com.au/mobilecentral/signup.asp > > > > ______________________________________________________________________ > > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > > User Support Mailing List [EMAIL PROTECTED] > > Automated List Manager [EMAIL PROTECTED] > > > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > > This email has been scanned for all viruses by the MessageLabs SkyScan > service. > > > ********************************************************************************** > This email and any files transmitted with it are confidential, and may be subject to > legal privilege, and are intended solely for the use of the individual or entity to > whom they are addressed. > If you have received this email in error or think you may have done so, you may not > peruse, use, disseminate, distribute or copy this message. Please notify the sender > immediately and delete the original e-mail from your system. > > Computer viruses can be transmitted by e-mail. Recipients should check this e-mail > for the presence of viruses. The Capita Group and its subsidiaries accept no > liability for any damage caused by any virus transmitted by this e-mail. > *********************************************************************************** > > ______________________________________________________________________ > Apache Interface to OpenSSL (mod_ssl) www.modssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
