Re[2]: problems with SSL and host-headers

2002-07-29 Thread cf-talk 

Hello Christopher,

Monday, July 29, 2002, 4:43:40 PM, you wrote:

CO right.  this changes the one of three rule for site identification in IIS.
CO three things identify a virtual site in IIS:

CO 1) IP address.
CO 2) Port number.
CO 3) Host header.

CO change at least one of the three, and you have a different site in IIS.
CO SSL will not work, however, if you're using host headers as your one of
CO three.

CO chris

CO -Original Message-
CO From: WebMaster [mailto:[EMAIL PROTECTED]]
CO Sent: Monday, July 29, 2002 9:37 AM
CO To: CF-Talk
CO Subject: Re: problems with SSL and host-headers


CO They were correct.  Since IIS can't see the header, your request is going to
CO be sent directly to port 443, which is most likely listened to by the
CO default or admin virtual domain..  \
CO However, this is possible.  I have done this in the past using the undefined
CO ports starting at 28000.  If you set your SSL port to 28000 for that virtual
CO domain, this should work.  You just have to remember to code all your links
CO to point to the correct port.

CO - Original Message -
CO From: Christopher Olive [EMAIL PROTECTED]
CO To: CF-Talk [EMAIL PROTECTED]
CO Sent: Monday, July 29, 2002 9:28 AM
CO Subject: RE: problems with SSL and host-headers


 pretty much correct.  in IIS, you cannot use host headers to differentiate
 sites AND use an SSL cert on those sites.  the request is encrypted
 (obviously, it's SSL), and IIS can't see the encrypted host header to know
 which site to send it to (and which SSL cert to use to decrypt it).

 -Original Message-
 From: cf-talk [mailto:[EMAIL PROTECTED]]
 Sent: Saturday, July 27, 2002 5:16 PM
 To: CF-Talk
 Subject: OT: problems with SSL and host-headers


 Hi list,
 I have a CF-shared box with
 one IP-adress.
 I would like to do the following:
 Having access to https://subdomain.domain.com:443
 I have a valid certificate for this subdomain from Thawte
 but when I try to connect to that URL
 I get an error, that there is no such server.
 I am sure it has s.th. to do with host-headers.
 Someone else told me, that you can only run one certificate
 with one port (e.g. 443) on the same IP using host-headers (HTTP 1.1)
 Can s.o. verify this ?
 Thanks Uwe



CO 
__
This list and all House of Fusion resources hosted by CFHosting.com. The place for 
dependable ColdFusion Hosting.
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists

RE: Re[2]: problems with SSL and host-headers

2002-07-29 Thread Christopher Olive 

yes.  yes i did write that.

co.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Monday, July 29, 2002 12:19 PM
To: CF-Talk
Subject: Re[2]: problems with SSL and host-headers


Hello Christopher,

Monday, July 29, 2002, 4:43:40 PM, you wrote:

CO right.  this changes the one of three rule for site identification in
IIS.
CO three things identify a virtual site in IIS:

CO 1) IP address.
CO 2) Port number.
CO 3) Host header.

CO change at least one of the three, and you have a different site in
IIS.
CO SSL will not work, however, if you're using host headers as your one of
CO three.

CO chris

CO -Original Message-
CO From: WebMaster [mailto:[EMAIL PROTECTED]]
CO Sent: Monday, July 29, 2002 9:37 AM
CO To: CF-Talk
CO Subject: Re: problems with SSL and host-headers


CO They were correct.  Since IIS can't see the header, your request is
going to
CO be sent directly to port 443, which is most likely listened to by the
CO default or admin virtual domain..  \
CO However, this is possible.  I have done this in the past using the
undefined
CO ports starting at 28000.  If you set your SSL port to 28000 for that
virtual
CO domain, this should work.  You just have to remember to code all your
links
CO to point to the correct port.

CO - Original Message -
CO From: Christopher Olive [EMAIL PROTECTED]
CO To: CF-Talk [EMAIL PROTECTED]
CO Sent: Monday, July 29, 2002 9:28 AM
CO Subject: RE: problems with SSL and host-headers


 pretty much correct.  in IIS, you cannot use host headers to
differentiate
 sites AND use an SSL cert on those sites.  the request is encrypted
 (obviously, it's SSL), and IIS can't see the encrypted host header to
know
 which site to send it to (and which SSL cert to use to decrypt it).

 -Original Message-
 From: cf-talk [mailto:[EMAIL PROTECTED]]
 Sent: Saturday, July 27, 2002 5:16 PM
 To: CF-Talk
 Subject: OT: problems with SSL and host-headers


 Hi list,
 I have a CF-shared box with
 one IP-adress.
 I would like to do the following:
 Having access to https://subdomain.domain.com:443
 I have a valid certificate for this subdomain from Thawte
 but when I try to connect to that URL
 I get an error, that there is no such server.
 I am sure it has s.th. to do with host-headers.
 Someone else told me, that you can only run one certificate
 with one port (e.g. 443) on the same IP using host-headers (HTTP 1.1)
 Can s.o. verify this ?
 Thanks Uwe



CO

__
This list and all House of Fusion resources hosted by CFHosting.com. The place for 
dependable ColdFusion Hosting.
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists